Thursday, May 3, 2012

Change display name when sending emails via SMTP in Exchange 2010

Last week one of our clients that we are migrating from Exchange 2003 to Exchange 2010 had a interesting problem.
We configured for him a receive connector that allows open relay from certain IP addresses. Everything worked fine until he tried to change the display name when sending an email via SMTP. No matter what was set in the email header, when the recipient was receiving it, the display name of the email sender was the one that was defined in Active Directory. This is a normal behavior when you send an email in Exchange via SMTP with authentication but in this case there was no authentication configured.
If you search the internet for ways to configure open relay in Exchange 2010, you will notice (as specified on Microsoft web site http://technet.microsoft.com/en-us/library/bb232021.aspx) that there are two ways to obtain that, and one of them is to configure the receive connector as Externally Secured. This option works fine but is not exactly an anonymous connection to the receive connector, in fact the SMTP connection is authenticated as one from an Exchange server.
To be able to change the display name for sender when sending SMTP via open relay in Exchange 2010 you need to configure the receive connector by allowing Relay Permission for Anonymous Connections, not by using the Externally Secured configuration. To obtain that use the following cmdlets

New-ReceiveConnector -Name "Anonymous Relay" -Usage Custom -PermissionGroups AnonymousUsers -Bindings 10.2.3.4:25 -RemoteIpRanges 192.168.5.77
Get-ReceiveConnector "Anonymous Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"

8 comments:

  1. I created Receive Connector using Your instructions, but it does not work. Outlook still display sender Display Name from Active Directory instead from message header. Is there anything else I can do?

    Thank You Very Much.

    Ondrej Krhut

    ReplyDelete
    Replies
    1. Ondrej,

      Check if you added the correct IP address in the -RemoteIPRanges option. The solution is correct but you have to connect to the receive connector from the right IP address.
      Paul

      Delete
  2. When I track the message, I can find, it use correct ReceiveConnector:
    ClientIp : 10.168.23.11
    ServerIp : 10.168.23.72
    ServerHostname : exca01
    ConnectorId : EXCA01\Anonymous Relay EXCA01

    And that Connector have this server IP in RemoteIPRanges:
    RemoteIPRanges : {10.168.23.23, 10.168.23.40-10.168.23.45, 10.168.23.9-10.168.23.15, ...

    We are currently on Exchange 2010 SP2 (14.2.247.5).

    Do You have any other suggestion?

    Thank You very much.

    Ondrej Krhut



    ReplyDelete
    Replies
    1. You should check not to have any other type of authentication on that connector. I don't have any other idea but it should work without any problem.

      Paul

      Delete
  3. Hello again.
    I would like to apologize. I tested it again Yesterday manually using telnet and It really worked!
    But from our application it still does not work same as on ex2007 (thats why i thought it didnt work), it makes name resolution for sender address. I dont know why, but its probably not problem of receive connector. (With EX2007 as entering HUB server to exchange organization it worked correctly)
    I did another test. I created email manually using telnet. It was delivered correctly. But when I forwarded it as an attachment, sender inside the atachment was resolved from AD again. So sending this email trought exchange organization will modify also the message attachment, although the message header is not used for email routing and recipient determination. (I thing it didnt work this way, when message came trought Ex2007 Hub transport server).

    I will try to check up the sending web app, but it used such kind of common DotNet sending component.

    Sorry for my english. Hope You understand.

    Thank You for Your help and suggestions

    Best regards Ondrej Krhut

    ReplyDelete
    Replies
    1. Hello Ondrej,

      It's good that you sorted somehow :)

      Best regards,
      Paul

      Delete
  4. Hello

    This is my Final Reply, just FYI.

    It looks the problem was in version of Windows server and his SMTP service, acting as local (cashing only) SMTP server for guaranted emails delivery, in case of central SMTP outage.
    So when email came trought Windows 2008 Server's SMTP, the sender name was resolved from AD (which was unexpected and not correct). When used Windows 2008R2 (or WS2012) server's SMTP, the sender name is displayed correctly from email header, as we need.

    Have a nice day Ondrej Krhut

    ReplyDelete
  5. Thank you, your experience is much appreciated and helped us a a a lot ! Connector + Windows 2008 R2 did the trick ;) Kind regards.

    ReplyDelete