Exchange 2016 (disabling Default Frontend SERVER connectors)

CWT 391 Reputation points
2020-11-05T21:45:12.87+00:00

Hello,

Simple question that I have not seen asked. Have a previous post where a great resource assisted by helping to clarify some things regarding Receive Connectors. I feel real good with that conversation, but today when I was setting up a few commands to restart the Microsoft Exchange Frontend Transport service (required to restart after making Frontend connector changes), I noticed the following description which I did not expect.

Original Post:
https://learn.microsoft.com/en-us/answers/questions/71815/receive-connector-odd-question.html

Scenario:
I plan to disable the Default Frontend SERVER Receive connectors on all of our Exchange servers. I then plan to re-create a new Frontend Receive connector that is identical in every way except it will be scoped for our inbound SMTP traffic IPs only. I understand that this would prevent internal mail relay that the Default Frontend connector would by default allow for, but we will have internal relay covered via a second and third connector, so we should be all set there.

Question is, the Microsoft Exchange Frontend Transport service has a description that reads as follows:
This service proxies SMTP connections inbound to Hub servers and outbound from Hub servers

This implies that Exchange to Exchange native communication uses this connector for more than JUST inbound SMTP over port 25. Can I disable this connector as I referenced above and have a second one locked to our inbound SMTP IPs without breaking something else regarding Exchange to Exchange mail flow? Could I just add all Exchange server IPs to the new connector we have scoped to get around this if it does break things?

Thanks,

CWT


Answer accepted by question author
  1. Eric Yin-MSFT 4,396 Reputation points
    2020-11-06T07:32:46.053+00:00

    In my opinion, you've got two things wrong. Firstly, see this Default Receive Connectors:
    37946-4.png

    Default Frontend Server does not work for internal mail flow. Also, the description you mentioned might be too old; we haven't had a hub server since Exchange 2013. In case it is modified to "This service proxies SMTP connections inbound/outbound to mailbox server", it's still not talking about internal mail flow. Tell me if I misunderstood your meaning.

    Secondly, see this transport pipeline:
    37914-3.png
    When mail is routed between Exchange servers, the Front End Transport service is not involved. The key connector for internal mail flow is named "Default <servername>" and the port is 2525. For further information, see Default Receive connectors in the Transport service on Mailbox servers.




1 additional answer

  1. CWT 391 Reputation points
    2020-11-06T15:37:42.99+00:00

    Thanks for the reply and additional information Eric (much appreciated). I think you're correct in that that service description was just never updated to reflect Exchange 2013+ which is what really threw me for a loop in the first place. Made me rethink things when I saw the outbound from Hub servers referenced :o)

    Knowing that I can disable the Default Frontend connectors without issue (provided we create another one scoped as needed), substantiates what I previously understood. Not forgetting about other Frontends to account for mail relay requirements of course.

    Thanks much,

    CWT
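The change discussed in this thread, sketched for the Exchange Management Shell as an added example that is not code from either poster: create the scoped Frontend connector first, then disable "Default Frontend SERVER", restart the Frontend Transport service, and list the result. The server names, IP addresses and the new connector name are constructed placeholders, and the script assumes PowerShell remoting to each server is available.

```powershell
# Added example. All names and addresses below are constructed placeholders.
$Servers    = 'EXCH01', 'EXCH02'           # hypothetical Mailbox servers
$InboundIPs = '192.0.2.10', '192.0.2.11'   # hypothetical inbound SMTP gateway IPs
$DryRun     = $true                        # set to $false to apply the changes

foreach ($s in $Servers) {
    # The default connector is named "Default Frontend <servername>".
    $default = Get-ReceiveConnector -Identity "$s\Default Frontend $s"
    $newName = "Inbound SMTP Frontend $s"  # hypothetical connector name

    # Create the scoped copy first so inbound mail never lacks a listener.
    # Same bindings and permissions as the default; only RemoteIPRanges differs.
    $existing = Get-ReceiveConnector -Server $s | Where-Object Name -eq $newName
    if (-not $existing) {
        New-ReceiveConnector -Name $newName -Server $s `
            -TransportRole FrontendTransport -Usage Custom `
            -Bindings $default.Bindings `
            -RemoteIPRanges $InboundIPs `
            -AuthMechanism $default.AuthMechanism `
            -PermissionGroups $default.PermissionGroups `
            -MaxMessageSize $default.MaxMessageSize `
            -WhatIf:$DryRun
    }

    # Disable (not delete) the default connector so it can be re-enabled quickly.
    Set-ReceiveConnector -Identity $default.Identity -Enabled $false -WhatIf:$DryRun

    # The question states that Frontend connector changes need this restart.
    if (-not $DryRun) {
        Invoke-Command -ComputerName $s -ScriptBlock {
            Restart-Service -Name MSExchangeFrontEndTransport
        }
    }
}

# Review every Frontend connector: the default should show Enabled = False and
# the new one should list only the gateway IPs. The "Default <servername>"
# connector on port 2525 (internal mail flow) is untouched by this script.
$Servers | ForEach-Object { Get-ReceiveConnector -Server $_ } |
    Where-Object TransportRole -eq 'FrontendTransport' |
    Sort-Object Server, Name |
    Format-Table Server, Name, Enabled, Bindings, RemoteIPRanges -AutoSize
```

With `$DryRun` left at `$true` the cmdlets only report what they would change, which is a useful first pass before touching production mail flow.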

