Exchange Server Share

May 26, 2008

How To: Remove Header from Outgoing Mails in Exchange 2007

Filed under: Exchange,Exchange 2007,PowerShell — Amit Tank @ 12:59 pm

This is frequently asked question, how to remove header from outgoing mails.

If SMTP send session on Exchange Server does not have “Send Routing Header” permission then it will remove all “Received:” headers.

In our example, ANONYMOUS LOGON has Send Routing Header permission on Send Connector named “Internet”

Verify with ADSIEdit.msc.

ADSIEdit.MSC -> CN=Configuration -> CN=Services -> CN=Microsoft Exchange -> CN=”Organization Name” -> CN=Administrative Groups -> CN=Exchange Administrative Group -> CN=Routing Groups -> CN=Exchange routing Group -> CN=Connections -> CN=”Send Connector Name”

image

Run below command to remove Send Routing Headers permission from send connector.

Get-SendConnector “Connector Name” | Remove-ADPermission -AccessRight ExtendedRight -ExtendedRights “ms-Exch-Send-Headers-Routing” -user “NT AUTHORITY\Anonymous Logon”

image

Verify with ADSIEdit that Anonymous Logon is removed.

image

Now, ANONYMOUS LOGON has NOT Send Routing Header permission on Send Connector named “Internet” so it doesn’t send internal header to internet.

Note: After removing permission you need to restart Microsoft Exchange Transport Service to get effective.

 

 

How To: Revert the Permission:

Now if you want to revert it back at some point of time like, management decided to send header info to internet then you can add the permission back.

Method 1: With PowerShell

Run below command to add Send Routing Headers permission back on send connector.

Get-SendConnector “Connector Name” | Add-ADPermission -AccessRight ExtendedRight -ExtendedRights “ms-Exch-Send-Headers-Routing” -user “NT AUTHORITY\Anonymous Logon”

image

You can verify with ADSIEdit that Anonymous Logon is added back.

image

Method 2: With ADSIEdit

Open ADSIEdit and go to below path and find your send connector which sends mail to internet.

ADSIEdit.MSC -> CN=Configuration -> CN=Services -> CN=Microsoft Exchange -> CN=”Organization Name” -> CN=Administrative Groups -> CN=Exchange Administrative Group -> CN=Routing Groups -> CN=Exchange routing Group -> CN=Connections -> CN=”Send Connector Name”

Right click on the connector, select the properties, in the Security tab, Add ANONYMOUS LOGON.image

Select Send Routing Headers Allow Permission and click OK… and close ADSIEdit.

image

Permission is back and Send connector sends header to internet.

image

Note: After doing this operation you need to restart Microsoft Exchange Transport Service to get effective.

Hope this helps…!!!

 

Reference : Understanding Header Firewall

http://technet.microsoft.com/en-us/library/bb232136(EXCHG.80).aspx

 

About these ads

1 Comment

  1. [...] How To: Remove Header from Outgoing Mails in Exchange 2007 [...]

    Pingback by Weekend reading - subject: exchange — June 6, 2008 @ 6:03 pm


RSS feed for comments on this post.

Theme: Rubric. Get a free blog at WordPress.com

Follow

Get every new post delivered to your Inbox.

Join 32 other followers

%d bloggers like this: