If you're like most, you need an internal relay on your Exchange server to allow devices and applications inside to send email without the need for credentials. Since the connector can be scoped to the IP address of the source, this is a pretty good way to set it up.
I ran into a new issue on our new Exchange server today. When you create the new Internal Relay receive connector to allow anonymous access, you must run a PowerShell command to make the connector accept messages. This assumes you have the correct IP addresses in the relay.
Run this first:
Get-ADPermission "YourConnectorName" |
Where-Object { $_.User -like "NT AUTHORITY\ANONYMOUS
LOGON" -and $_.ExtendedRights -like
"*SMTP-Accept-Any-Recipient*" }
If this returns nothing, and it probably will, run this command to add the permissions:
Get-ReceiveConnector "YourConnectorName" |
Add-ADPermission -User "NT AUTHORITY\ANONYMOUS
LOGON" `
-ExtendedRights
"Ms-Exch-SMTP-Accept-Any-Recipient"
Good luck!
