Category Archives: Relay

Sending Mass Mailers ,Marketing Emails, News letters via Exchange ?

At times we might get requirement where we want to  send mails in bulk from our messaging system to internal/external users for business case.

Though sending bulk emails is not at all advised due to many factors but however when business demands we do not have any other option other than going further.

The business may demand where we need to configure our mailing system to send advertisements, newsletters to the partners, customers in a week , in a day or even in every 2 hours.

We  would need to configure this requirement  in a way that it should not be getting affected on the below parameters :

a) Without affecting our normal email operations and without affecting our messaging system performance.

b) Without getting blacklisted as a spammer.

c) The Mass email that we send should Land-Up in the end users inbox ,not in spam folder and shouldn’t be trapped in their filters.

Based on industry best practices i have collected few points which can be taken into consideration when we plan for this type of requirements:

1) Determine how the mass mails are going to be sent  from which application ( Whether its internal ip  or external ip). Then  the mass mailers recipients ( whether it goes only to internal recipients or to both internal and external recipients). If its for internal recipients only the job wouldn’t be more complex.

2) If its going to be from an external IP then better don’t allow to relay these bulk emails through your domain.

3) Its not advised to allow sending bulk emails from an unregistered external ip to external users  from your domain since your IP and domain will get blacklisted in a matter of day.

4) If still there is a requirement to send mass mailers from external IP’s make sure the below are met :-

a) Send the mail using a known and registered sender address(domain) of which the domain part is traceable using reverse lookup, and has a valid  SPF.

b) Make sure they send all the emails with the correct subject ,message bodies, unsubscribe and adhere to all the local and legal requirements.

c) Try convincing the marketing team or the team who sends bulk email  to use  a different domain and a different IP address as your connecting IP  will  get blacklisted easily and will affect your production emails.

5) There are few SMTP appliance that can be placed in the DMZ which can accept emails from the mass mailing apps and can do the job.

There are more number of cheap bulk emailing tools that will do this job easier, including dealing with bounces, unsubscribe requests etc. Its even better to outsource  this requirement to any one of them.

Since the major outsourced providers are doing this business for a while in the market they will have all the configurations and settings in place with the ISP’s which will increase the delivery success rate of these emails.

 

But still if you would like to go for the mass mailing for external IP’s domains to external users  through exchange make sure the below conditions are met :

1) Create a dedicated server (CAS+MBX) for doing this job. Configure relay on this server.

2) Create a new database , Create the sender mailbox alone on this new database.

3) Create additional number of transport servers for load balancing  since SubmissionServerOverrideList  switch cannot be used from Exchange 2013. If you add Exchange 2010 hub server for this then you can use SubmissionServerOverrideList for that DB to use only that HUB server which will not affect the other transport servers.

Also make sure the below values are set in the send connectors :

Maximum concurrent outbound connections: 1000 *

Maximum concurrent outbound connections per domain: 20*
Set-SendConnector -SmtpMaxMessagesPerConnection 200

 

Also make sure  that you alter and configure these values on the relay receive connectors according to the number of  bulk emails  :

ConnectionInactivityTimeout
ConnectionTimeout
MaxInboundConnection
MaxInboundConnectionPercentagePerSource
MaxInboundConnectionPerSource
MaxRecipientsPerMessage
MessageRateLimit

Finally make sure these bulk emails are sent only during off business hours in-order to avoid load on the transport services during production hours.

Hope this helps !!

Thanks

Sathish Veerapandian

MVP – Exchange Server

Steps to configure anonymous or authenticated relay in Exchange 2013

Basically there can be 2 types of relay which will be used in an organization for relaying applications.

1) Internal Relay: Which might be an application which submits emails to exchange and in turn it delivers emails to users mailbox as a daily report, faxes etc.,

2) External Relay: An application might send out fax like invoice, quotation etc., to an external vendor for daily operation purpose.In turn the vendor can also send out some automated emails like daily sales report to user’s mailbox.

In order for both the functionality to work we need to have relay configured on the exchange side

The submission of the relay can happen in 2 ways

1) Anonymous

This relay happens through anonymous connection which means any account within that subnet assigned in the relay connector is authorized to submit emails to the organization.

2) Authenticated

This relay happens only through specific authenticated account by which the emails are submitted to the exchange side from the application, fax etc.,

For the authenticated relay to happen first we need to Create/configure a service account for the applications/copier to use

In this article we will be seeing on how to configure relay permission on Exchange 2013

First open EAC and then click on Mail Flow

Select the required server and then click on + Sign

Image

Type the name of the connector and then select Custom

Image

Click next and now we need to assign the correct subnets and the ip address

Note:This is very important point since giving permission to unknown subnets will make the server to behave as an open relay which is ready to accept spam messages. Ensure that you are giving only to the known subnets which requires relay.

Image

Now add the subnets

Image

Click finish. And now we need to give permission accordingly to the type of relay that we are going to assign to this connector

1) Anonymous

2) Authenticated

First we will look on how to give anonymous permission

Double click or click on edit on the relay connector

Image

Select anonymous users which is under security and click save

Image

Now we need to give required authentication to this anonymous users account for this connector. This can be done in 2 ways

Through Exchange Management Shell

Through ADSI Edit

We will see on how to grant permission through ADSI edit.

Open adsiedit and navigate to below location

Image

Click security and select anonymous logon and click submit messages to any recipient

Note: This permission should be granted only on relay connectors and it should never be granted on default receive connector.

Image

Follow the same steps for authenticated relay except for giving permission to anonymous user account give submit messages to any recipient permission to the associated service account.

Also you can run the below command to grant permission on anonymous account for relay connector alone.
Get-ReceiveConnector “Anonymous Relay” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”

Sathish Veerapandian

%d bloggers like this: