This article covers how to configure Nervepoint Access Manager to use Exchange 2010 both using an authenticated session as well as an unauthenticated session.
Configuring Authenticated SMTP
Step 1: Configure Nervepoint Receive Connector
- If you do not have one you can use, create a user account for Nervepoint to use for authentication. For example 'nervepointsmtp'.
- Give that user an Exchange account.
- Create a new Receive Connector called "Nervepoint SMTP relay" or something.
Step 2: Configure Network
Configure for the IP address of Nervepoint (for added security), and choose a free e.g. 2500.
Step 3: Configure Authentication Tab
Enable the following settings:
- Transport Layer Security
- Basic Authentication
- Offer Basic authentication only after starting TLS
- Integrated Windows authentication
- Externally secured
Step 4: Configuring Permission Groups
Enable the following settings:
- Exchange users
Step 5: Configure Your Nervepoint Server
From the mail configuration page (Administrative portal->Configuration->Network) disable 'Simple Mode'. This will allow you to configure your own Exchange mail server for use by Nervepoint Access Manager.
Set the following:
- Mail Server Hostname - use the hostname or IP address of the exchange server.
- Mail Server Port - set to 2500 (or whatever you chose for the receive connector).
- Mail Server Username/password - use 'nervepointsmtp' (or the credentials of whatever account you chose/created)
- TLS - enable
- Default Send Address - we recommend using the sender address of the account used for authentication, e.g. nervepointsmtp@mydomain.com. You may be able to use others, but this will probably require further configuration on Exchange
After saving these settings Nervepoint will be configured to use a secure authenticated session with your mail server to send out email notifications to your users.
Configuring Unauthenticated SMTP
We recommend that authenticated SMTP is used and this process should be used if you cannot get an authenticated configuration working.
Step 1: Configure a new Receive Connector
- Set up a new Receive Connector on your Exchange server.
- Allow only the IP address of the nervepoint server to connect to it (say on port 2500).
- Select 'Anonymous' in the 'Permission Groups' tab of the connector properties
- Uncheck all checkboxes in 'Authentication' tab except for 'Transport Layout Security (TLS)'
Step 2: Configure Your Nervepoint Server
From the mail configuration page (Administrative portal->Configuration->Network) disable 'Simple Mode'. This will allow you to configure your own Exchange mail server for use by Nervepoint Access Manager.
- Set Mail Server Port to 2500
- Remove both the username and password. This will force Nervepoint to use an anonymous SMTP connection.
After saving these settings Nervepoint will be configured to use a insecure anonymous session with your mail server to send out email notifications to your users.