POW #4 - Send connector external FQDN in HELO/EHLO banner

October 27, 2008 at 1:55 PM

A pretty common problem these days concerns the FQDN that Exchange 2007 HUB servers present on external connections.

For demo purposes let's say the internal FQDN of our Exchange 2007 HUB server is DEMO-E2K7SP1.demo.pri and the external FQDN is demomail.exchange.si.

Specify FQDN for Send Connector

We need to specify the FQDN for each send connector we created for internet delivery. In our case we have a send connector named Internet. Let's specify the FQDN:

Set-SendConnector -Identity "Internet" -Fqdn demomail.exchange.si

As you can see, demomail.exchange.si is specified as the FQDN for the above-mentioned send connector. Please do not forget to also create/use a certificate with Subject Name (or Subject Alternative Name) demomail.exchange.si.

Let's see what will be present in the mail header on the recipient side. As you can see below, in the first red-marked part, the demomail.exchange.si FQDN was used at the HELO/EHLO step when contacting the recipient mail server.

As you may also have noticed, DEMO-E2K7SP1.demo.pri is also visible in the mail header. There is nothing wrong with that! It's the expected behavior of every mail server on the planet. The full 'travel' path is always included in the message header.

How do I hide internal servers from message header?

My recommended solution is to use Transport Rules. Here is a sample transport rule that strips the Received part from the message header.

Create a new transport rule:

Specify the Condition "from users Inside the organization", "sent to users Outside the organization" and the Action "remove header" (Received).

If we look again at the message header, you will notice that the internal server is not visible anymore (Received: from DEMO-E2K7SP1.demo.pri). Removing other parts from the message header can also be done with Transport Rules.
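
A recipient-side check for the two points above, as an added example that is not part of the original post: it parses the Received headers of a message, confirms the newest hop shows the external FQDN, and lists any internal host names still present. The sample headers, the host mx.recipient.example, the IP addresses and the function names are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed sample headers (not from the original post). The recipient host
# mx.recipient.example and both IP addresses are made up for illustration.
TOP = ("Received: from demomail.exchange.si (192.0.2.10) by mx.recipient.example\n"
       " with ESMTP; Mon, 27 Oct 2008 13:40:02 +0100\n")
INTERNAL = ("Received: from DEMO-E2K7SP1.demo.pri ([10.0.0.5]) by\n"
            " DEMO-E2K7SP1.demo.pri ([10.0.0.5]) with mapi;\n"
            " Mon, 27 Oct 2008 13:40:00 +0100\n")
REST = "From: sender@example.org\nTo: someone@recipient.example\nSubject: test\n\nbody\n"
BEFORE_RULE = TOP + INTERNAL + REST   # internal hop still present
AFTER_RULE = TOP + REST               # transport rule removed the internal hop

# Host name that follows the "from" or "by" keyword of a Received header.
HOST = re.compile(r"\b(from|by)\s+([A-Za-z0-9.-]+)", re.IGNORECASE)

def received_hops(raw):
    """Return one {'from': host, 'by': host} dict per Received header, newest first."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        hop = {"from": None, "by": None}
        for key, host in HOST.findall(value):
            if hop[key.lower()] is None:      # keep the first match per keyword
                hop[key.lower()] = host.lower()
        hops.append(hop)
    return hops

def audit(raw, expected_helo, internal_suffixes):
    """Check the HELO name on the newest hop and list internal host names."""
    hops = received_hops(raw)
    # Assumption: the recipient's server records the HELO/EHLO name as the
    # "from" token of the header it adds, which is the first one in the message.
    helo = hops[0]["from"] if hops else None
    suffixes = tuple(s.lower() for s in internal_suffixes)
    leaks = sorted({h for hop in hops for h in hop.values()
                    if h and h.endswith(suffixes)})
    return {"helo_ok": helo == expected_helo.lower(), "leaks": leaks}

if __name__ == "__main__":
    for name, raw in (("before rule", BEFORE_RULE), ("after rule", AFTER_RULE)):
        print(name, audit(raw, "demomail.exchange.si", [".demo.pri"]))
```

Run it against the raw source of a test message delivered to an outside mailbox, passing your own external FQDN and internal DNS suffix.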

I hope the difference between configuration errors and normal records in the message header is a bit clearer now.
