Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

Exchange 2010 Hub/Edge Transport Question

  • Filter
  • Time
  • Show
Clear All
new posts

  • Exchange 2010 Hub/Edge Transport Question

    I am setting up Exchange 2010 in an existing Exchange 2003 environment. Single domain with about 500 mailbox users. I have NOT setup a server with Edge Transport installed yet.

    My question is, can I configure a receive connector in the Hub Transport that will receive mail from outside my domain (Internet)? I would have to do this by allowing anonymous users on that connector.

    I know it is not recommended, but all of our outside mail goes into a Sophos spam/email appliance that checks it for bogus mail and then is forwarded on to the exchange server. Our Sophos email appliance is located in our DMZ zone, but is also accessible from within our network. After reading up on Exchange 2010, isn't my email appliance/spam firewall the same as the Edge Transport device?

    The Sophos appliance is also behind a firewall.

    Hope I explained that clearly enough.


  • #2
    Re: Exchange 2010 Hub/Edge Transport Question

    The short answer is yes, you can just setup a receive connector to accept anonymous email from the Sophos device.

    Others could probably speak better to the best practices.

    Network Consultant/Engineer
    Baltimore - Washington area and beyond


    • #3
      Re: Exchange 2010 Hub/Edge Transport Question

      There is no need to setup an additional Receive Connector. Just enable anonymous on the Default and restart Transport.

      From a best practises point of view, that depends who you ask. Microsoft of course will say that you should have Edge, TMG etc. However if we all operated to Microsoft's best practises every site would have seven domain controllers and two or three Exchange servers.

      Personally I have no issue with exposing Exchange directly to the Internet. As long as it is build correctly, patched and a decent password policy is implemented, with the usual security procedures followed, it isn't much of problem.

      Simon Butler
      Exchange MVP

      More Exchange Content:
      Exchange Resources List:
      In the UK? Hire me:

      Sembee is a registered trademark, used here with permission.