Adjusting Exchange 2003 mail flow settings for Exchange 2010

If you're migrating from Exchange Server 2003 to Exchange 2010, you'll need to reconfigure how Internet mail is sent and received. Switching from an edge transport server to a hub transport server can save you money. Let's look at a few other configuration tweaks you can make.

This tip follows up on a recent tip on smoothly transitioning from Exchange Server 2003 to Exchange 2010.

When bringing an Exchange 2010 server into an existing Exchange 2003 environment, you can't initially send and receive Internet mail via the hub transport server. This is because Microsoft recommends that you place an edge transport server between the Internet and your back-end Exchange server.

An edge transport server is actually a hardened Exchange server that sits on the network perimeter. It maintains message hygiene as SMTP mail flows in and out of an Exchange organization. The edge transport server also shields back-end Exchange servers from direct Internet exposure.

Using an edge transport server is a good idea, but it's not a requirement. Given the current economic climate, I expect that a lot of organizations implementing Exchange 2010 will initially forgo the edge transport server to save money. If you decide to do this, you'll have to configure your hub transport server to send and receive Internet mail.

Note: If you decide not to use an edge transport server, I recommend that you place your mailbox server role on a different Exchange Server, if possible.

To prepare your hub transport server to send and receive Internet mail, create a send connector. The send connector allows the hub transport server to send mail directly to the Internet.

To create a send connector, follow these four steps:

  1. Open the Exchange Management Console and navigate to Organization Configuration -> Hub Transport.

  2. Go to the Actions pane and click on the New Send Connector link.

  3. When the New Send Connector Wizard opens, set the connector's use to Internet.

  4. Click Next and set the address to *.

The wizard's other options vary depending on your network configurations, but you do want to ensure that the source server option is set to use the Exchange 2010 hub transport server.

Exchange Server 2010 also uses a default receive connector to receive Internet mail. The hub transport server expects to receive mail from an edge transport server, not directly from the Internet. Because of this, the receive connector is configured to block all unauthenticated inbound SMTP traffic.

Since most Internet mail is not authenticated, you must configure the receive connector to allow anonymous SMTP connections. To do so:

  1. Open the Exchange Management Console and navigate to Server Configuration -> Hub Transport Server.

  2. Right-click on the receive connector and select Properties. Windows will display the receive connector's properties sheet.

  3. Go to the Permission Groups tab and select the Anonymous Users check box.

  4. Click OK.
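
The two console procedures above can also be carried out from the Exchange Management Shell. The script below is an added example, not part of the original tip: it creates the Internet send connector, adds Anonymous Users to the default receive connector without dropping its existing permission groups, and then checks that anonymous senders have not been given the relay right. The server name HUB01 and the connector name are placeholders, and the script assumes the default receive connector still carries its stock name, "Default <server name>".

```powershell
# Added example; run in the Exchange Management Shell on the Exchange 2010 server.
# HUB01 and the connector name below are placeholders, not values from the tip.
$HubServer     = 'HUB01'
$SendConnector = 'Internet Send Connector'

# Send connector: use = Internet, address space = *, source = the hub transport server.
# Smart host and DNS options depend on your network and are left at their defaults.
if (-not (Get-SendConnector | Where-Object { $_.Name -eq $SendConnector })) {
    New-SendConnector -Name $SendConnector -Usage Internet -AddressSpaces '*' `
        -SourceTransportServers $HubServer
}

# Receive connector: add AnonymousUsers while keeping the groups already set.
# Assumes the stock connector name "Default <server>".
$rc = Get-ReceiveConnector -Server $HubServer |
    Where-Object { $_.Name -eq "Default $HubServer" }
if (-not $rc) { throw "Default receive connector not found on $HubServer" }

$groups = @($rc.PermissionGroups.ToString() -split ',\s*') + 'AnonymousUsers' |
    Select-Object -Unique
Set-ReceiveConnector -Identity $rc.Identity -PermissionGroups ($groups -join ', ')

# Check: anonymous sessions should be able to submit mail for accepted domains,
# but must not hold ms-Exch-SMTP-Accept-Any-Recipient (the right that permits relaying).
$relay = Get-ReceiveConnector -Server $HubServer |
    Get-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' |
    Where-Object {
        -not $_.Deny -and
        ($_.ExtendedRights -like 'ms-Exch-SMTP-Accept-Any-Recipient')
    }

if ($relay) {
    Write-Warning 'Anonymous relay right found on these receive connectors:'
    $relay | Format-Table Identity, User, ExtendedRights -AutoSize
} else {
    Write-Host 'No receive connector grants the relay right to anonymous senders.'
}
```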

Whether you use an edge transport server or a hub transport server, there is one final step to get mail flowing. You must redirect the inbound messages from one of your Exchange 2003 servers to either an edge transport server or a hub transport server.

Typically, the MX record for your domain will point to a firewall, which will reroute inbound SMTP traffic to an internal server. Therefore, you must reconfigure the firewall port forwarding to send SMTP traffic to the edge transport server or to the newly configured hub transport server.

Converting recipient policies to Exchange 2010 email address policies

Most Exchange organizations' internal domain names are different than the external domain names. For example, my primary external domain name is, but my Exchange servers reside on an internal domain named In this case, you must use recipient policies to define the appropriate external email addresses for your users.

Microsoft has replaced recipient policies with email address policies in Exchange Server 2007 and Exchange 2010. This means that when migrating from Exchange 2003, you'll need to convert your recipient policies into email address policies.

Doing so is quite simple. Open the Exchange Management Shell and enter the following command:

Get-EmailAddressPolicy | where {$_.RecipientFilterType -eq "Legacy"} | Set-EmailAddressPolicy -IncludedRecipients AllRecipients

This EMS command compiles a list of all mailboxes that use a legacy recipient policy. The command then converts the recipient policy into an email address policy.
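
Setting a policy to AllRecipients replaces whatever filter it had, so it is worth seeing each legacy policy's filter before converting it. The script below is an added example, not part of the original tip: it lists the legacy policies, previews the conversion with -WhatIf for those that already applied to every mail-enabled object, and flags the rest for a hand-built filter. It assumes the Exchange 2003 default filter is (mailnickname=*) and uses the cmdlet's -IncludedRecipients parameter.

```powershell
# Added example; run in the Exchange Management Shell.
# Assumption: '(mailnickname=*)' is the filter of an unmodified Exchange 2003 default policy.
$DefaultLegacyFilter = '(mailnickname=*)'

$legacy = @(Get-EmailAddressPolicy |
    Where-Object { $_.RecipientFilterType -eq 'Legacy' })

if ($legacy.Count -eq 0) {
    Write-Host 'No legacy recipient policies left to convert.'
    return
}

# Show what each legacy policy selects and which address templates it stamps.
$legacy | Format-List Name, Priority, LdapRecipientFilter, EnabledEmailAddressTemplates

foreach ($policy in $legacy) {
    if ($policy.LdapRecipientFilter -eq $DefaultLegacyFilter) {
        # Same scope before and after: preview the change, then rerun without -WhatIf.
        Set-EmailAddressPolicy -Identity $policy.Identity `
            -IncludedRecipients AllRecipients -WhatIf
    } else {
        # A custom LDAP filter means the policy targeted a subset of recipients.
        # Converting it to AllRecipients would widen who receives its addresses.
        Write-Warning ("Policy '{0}' uses a custom filter: {1}. " +
            "Rebuild its scope with -RecipientFilter instead of AllRecipients.") `
            -f $policy.Name, $policy.LdapRecipientFilter
    }
}
```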

About the author: Brien M. Posey, MCSE, is a seven-time recipient of Microsoft's Most Valuable Professional (MVP) award for his work with Exchange Server, Windows Server, Internet Information Services (IIS), and File Systems and Storage. Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. As a freelance technical writer, Brien has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal website at
