New-ReceiveConnector
This cmdlet is available only in on-premises Exchange.
Use the New-ReceiveConnector cmdlet to create Receive connectors on Mailbox servers and Edge Transport servers. Receive connectors listen for inbound SMTP connections on the Exchange server.
For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.
Syntax
New-ReceiveConnector
[-Name] <String>
-Bindings <MultiValuedProperty>
-RemoteIPRanges <MultiValuedProperty>
[-Custom]
[-AdvertiseClientSettings <Boolean>]
[-AuthMechanism <AuthMechanisms>]
[-AuthTarpitInterval <EnhancedTimeSpan>]
[-Banner <String>]
[-BinaryMimeEnabled <Boolean>]
[-ChunkingEnabled <Boolean>]
[-Comment <String>]
[-Confirm]
[-ConnectionInactivityTimeout <EnhancedTimeSpan>]
[-ConnectionTimeout <EnhancedTimeSpan>]
[-DefaultDomain <AcceptedDomainIdParameter>]
[-DeliveryStatusNotificationEnabled <Boolean>]
[-DomainController <Fqdn>]
[-DomainSecureEnabled <Boolean>]
[-EightBitMimeEnabled <Boolean>]
[-EnableAuthGSSAPI <Boolean>]
[-Enabled <Boolean>]
[-EnhancedStatusCodesEnabled <Boolean>]
[-ExtendedProtectionPolicy <ExtendedProtectionPolicySetting>]
[-Fqdn <Fqdn>]
[-LongAddressesEnabled <Boolean>]
[-MaxAcknowledgementDelay <EnhancedTimeSpan>]
[-MaxHeaderSize <ByteQuantifiedSize>]
[-MaxHopCount <Int32>]
[-MaxInboundConnection <Unlimited>]
[-MaxInboundConnectionPercentagePerSource <Int32>]
[-MaxInboundConnectionPerSource <Unlimited>]
[-MaxLocalHopCount <Int32>]
[-MaxLogonFailures <Int32>]
[-MaxMessageSize <ByteQuantifiedSize>]
[-MaxProtocolErrors <Unlimited>]
[-MaxRecipientsPerMessage <Int32>]
[-MessageRateLimit <Unlimited>]
[-MessageRateSource <MessageRateSourceFlags>]
[-OrarEnabled <Boolean>]
[-PermissionGroups <PermissionGroups>]
[-PipeliningEnabled <Boolean>]
[-ProtocolLoggingLevel <ProtocolLoggingLevel>]
[-RejectReservedSecondLevelRecipientDomains <Boolean>]
[-RejectReservedTopLevelRecipientDomains <Boolean>]
[-RejectSingleLabelRecipientDomains <Boolean>]
[-RequireEHLODomain <Boolean>]
[-RequireTLS <Boolean>]
[-Server <ServerIdParameter>]
[-ServiceDiscoveryFqdn <Fqdn>]
[-SizeEnabled <SizeMode>]
[-SuppressXAnonymousTls <Boolean>]
[-TarpitInterval <EnhancedTimeSpan>]
[-TlsCertificateName <SmtpX509Identifier>]
[-TlsDomainCapabilities <MultiValuedProperty>]
[-TransportRole <ServerRole>]
[-WhatIf]
[<CommonParameters>]
New-ReceiveConnector
[-Name] <String>
-Bindings <MultiValuedProperty>
[-Internet]
[-RemoteIPRanges <MultiValuedProperty>]
[-AdvertiseClientSettings <Boolean>]
[-AuthMechanism <AuthMechanisms>]
[-AuthTarpitInterval <EnhancedTimeSpan>]
[-Banner <String>]
[-BinaryMimeEnabled <Boolean>]
[-ChunkingEnabled <Boolean>]
[-Comment <String>]
[-Confirm]
[-ConnectionInactivityTimeout <EnhancedTimeSpan>]
[-ConnectionTimeout <EnhancedTimeSpan>]
[-DefaultDomain <AcceptedDomainIdParameter>]
[-DeliveryStatusNotificationEnabled <Boolean>]
[-DomainController <Fqdn>]
[-DomainSecureEnabled <Boolean>]
[-EightBitMimeEnabled <Boolean>]
[-EnableAuthGSSAPI <Boolean>]
[-Enabled <Boolean>]
[-EnhancedStatusCodesEnabled <Boolean>]
[-ExtendedProtectionPolicy <ExtendedProtectionPolicySetting>]
[-Fqdn <Fqdn>]
[-LongAddressesEnabled <Boolean>]
[-MaxAcknowledgementDelay <EnhancedTimeSpan>]
[-MaxHeaderSize <ByteQuantifiedSize>]
[-MaxHopCount <Int32>]
[-MaxInboundConnection <Unlimited>]
[-MaxInboundConnectionPercentagePerSource <Int32>]
[-MaxInboundConnectionPerSource <Unlimited>]
[-MaxLocalHopCount <Int32>]
[-MaxLogonFailures <Int32>]
[-MaxMessageSize <ByteQuantifiedSize>]
[-MaxProtocolErrors <Unlimited>]
[-MaxRecipientsPerMessage <Int32>]
[-MessageRateLimit <Unlimited>]
[-MessageRateSource <MessageRateSourceFlags>]
[-OrarEnabled <Boolean>]
[-PermissionGroups <PermissionGroups>]
[-PipeliningEnabled <Boolean>]
[-ProtocolLoggingLevel <ProtocolLoggingLevel>]
[-RejectReservedSecondLevelRecipientDomains <Boolean>]
[-RejectReservedTopLevelRecipientDomains <Boolean>]
[-RejectSingleLabelRecipientDomains <Boolean>]
[-RequireEHLODomain <Boolean>]
[-RequireTLS <Boolean>]
[-Server <ServerIdParameter>]
[-ServiceDiscoveryFqdn <Fqdn>]
[-SizeEnabled <SizeMode>]
[-SuppressXAnonymousTls <Boolean>]
[-TarpitInterval <EnhancedTimeSpan>]
[-TlsCertificateName <SmtpX509Identifier>]
[-TlsDomainCapabilities <MultiValuedProperty>]
[-TransportRole <ServerRole>]
[-WhatIf]
[<CommonParameters>]
New-ReceiveConnector
[-Name] <String>
-Bindings <MultiValuedProperty>
-RemoteIPRanges <MultiValuedProperty>
[-Partner]
[-AdvertiseClientSettings <Boolean>]
[-AuthMechanism <AuthMechanisms>]
[-AuthTarpitInterval <EnhancedTimeSpan>]
[-Banner <String>]
[-BinaryMimeEnabled <Boolean>]
[-ChunkingEnabled <Boolean>]
[-Comment <String>]
[-Confirm]
[-ConnectionInactivityTimeout <EnhancedTimeSpan>]
[-ConnectionTimeout <EnhancedTimeSpan>]
[-DefaultDomain <AcceptedDomainIdParameter>]
[-DeliveryStatusNotificationEnabled <Boolean>]
[-DomainController <Fqdn>]
[-DomainSecureEnabled <Boolean>]
[-EightBitMimeEnabled <Boolean>]
[-EnableAuthGSSAPI <Boolean>]
[-Enabled <Boolean>]
[-EnhancedStatusCodesEnabled <Boolean>]
[-ExtendedProtectionPolicy <ExtendedProtectionPolicySetting>]
[-Fqdn <Fqdn>]
[-LongAddressesEnabled <Boolean>]
[-MaxAcknowledgementDelay <EnhancedTimeSpan>]
[-MaxHeaderSize <ByteQuantifiedSize>]
[-MaxHopCount <Int32>]
[-MaxInboundConnection <Unlimited>]
[-MaxInboundConnectionPercentagePerSource <Int32>]
[-MaxInboundConnectionPerSource <Unlimited>]
[-MaxLocalHopCount <Int32>]
[-MaxLogonFailures <Int32>]
[-MaxMessageSize <ByteQuantifiedSize>]
[-MaxProtocolErrors <Unlimited>]
[-MaxRecipientsPerMessage <Int32>]
[-MessageRateLimit <Unlimited>]
[-MessageRateSource <MessageRateSourceFlags>]
[-OrarEnabled <Boolean>]
[-PermissionGroups <PermissionGroups>]
[-PipeliningEnabled <Boolean>]
[-ProtocolLoggingLevel <ProtocolLoggingLevel>]
[-RejectReservedSecondLevelRecipientDomains <Boolean>]
[-RejectReservedTopLevelRecipientDomains <Boolean>]
[-RejectSingleLabelRecipientDomains <Boolean>]
[-RequireEHLODomain <Boolean>]
[-RequireTLS <Boolean>]
[-Server <ServerIdParameter>]
[-ServiceDiscoveryFqdn <Fqdn>]
[-SizeEnabled <SizeMode>]
[-SuppressXAnonymousTls <Boolean>]
[-TarpitInterval <EnhancedTimeSpan>]
[-TlsDomainCapabilities <MultiValuedProperty>]
[-TlsCertificateName <SmtpX509Identifier>]
[-TransportRole <ServerRole>]
[-WhatIf]
[<CommonParameters>]
New-ReceiveConnector
[-Name] <String>
-RemoteIPRanges <MultiValuedProperty>
[-Bindings <MultiValuedProperty>]
[-Internal]
[-AdvertiseClientSettings <Boolean>]
[-AuthMechanism <AuthMechanisms>]
[-AuthTarpitInterval <EnhancedTimeSpan>]
[-Banner <String>]
[-BinaryMimeEnabled <Boolean>]
[-ChunkingEnabled <Boolean>]
[-Comment <String>]
[-Confirm]
[-ConnectionInactivityTimeout <EnhancedTimeSpan>]
[-ConnectionTimeout <EnhancedTimeSpan>]
[-DefaultDomain <AcceptedDomainIdParameter>]
[-DeliveryStatusNotificationEnabled <Boolean>]
[-DomainController <Fqdn>]
[-DomainSecureEnabled <Boolean>]
[-EightBitMimeEnabled <Boolean>]
[-EnableAuthGSSAPI <Boolean>]
[-Enabled <Boolean>]
[-EnhancedStatusCodesEnabled <Boolean>]
[-ExtendedProtectionPolicy <ExtendedProtectionPolicySetting>]
[-Fqdn <Fqdn>]
[-LongAddressesEnabled <Boolean>]
[-MaxAcknowledgementDelay <EnhancedTimeSpan>]
[-MaxHeaderSize <ByteQuantifiedSize>]
[-MaxHopCount <Int32>]
[-MaxInboundConnection <Unlimited>]
[-MaxInboundConnectionPercentagePerSource <Int32>]
[-MaxInboundConnectionPerSource <Unlimited>]
[-MaxLocalHopCount <Int32>]
[-MaxLogonFailures <Int32>]
[-MaxMessageSize <ByteQuantifiedSize>]
[-MaxProtocolErrors <Unlimited>]
[-MaxRecipientsPerMessage <Int32>]
[-MessageRateLimit <Unlimited>]
[-MessageRateSource <MessageRateSourceFlags>]
[-OrarEnabled <Boolean>]
[-PermissionGroups <PermissionGroups>]
[-PipeliningEnabled <Boolean>]
[-ProtocolLoggingLevel <ProtocolLoggingLevel>]
[-RejectReservedSecondLevelRecipientDomains <Boolean>]
[-RejectReservedTopLevelRecipientDomains <Boolean>]
[-RejectSingleLabelRecipientDomains <Boolean>]
[-RequireEHLODomain <Boolean>]
[-RequireTLS <Boolean>]
[-Server <ServerIdParameter>]
[-ServiceDiscoveryFqdn <Fqdn>]
[-SizeEnabled <SizeMode>]
[-SuppressXAnonymousTls <Boolean>]
[-TarpitInterval <EnhancedTimeSpan>]
[-TlsCertificateName <SmtpX509Identifier>]
[-TlsDomainCapabilities <MultiValuedProperty>]
[-TransportRole <ServerRole>]
[-WhatIf]
[<CommonParameters>]
New-ReceiveConnector
[-Name] <String>
-RemoteIPRanges <MultiValuedProperty>
[-Bindings <MultiValuedProperty>]
[-Client]
[-AdvertiseClientSettings <Boolean>]
[-AuthMechanism <AuthMechanisms>]
[-AuthTarpitInterval <EnhancedTimeSpan>]
[-Banner <String>]
[-BinaryMimeEnabled <Boolean>]
[-ChunkingEnabled <Boolean>]
[-Comment <String>]
[-Confirm]
[-ConnectionInactivityTimeout <EnhancedTimeSpan>]
[-ConnectionTimeout <EnhancedTimeSpan>]
[-DefaultDomain <AcceptedDomainIdParameter>]
[-DeliveryStatusNotificationEnabled <Boolean>]
[-DomainController <Fqdn>]
[-DomainSecureEnabled <Boolean>]
[-EightBitMimeEnabled <Boolean>]
[-EnableAuthGSSAPI <Boolean>]
[-Enabled <Boolean>]
[-EnhancedStatusCodesEnabled <Boolean>]
[-ExtendedProtectionPolicy <ExtendedProtectionPolicySetting>]
[-Fqdn <Fqdn>]
[-LongAddressesEnabled <Boolean>]
[-MaxAcknowledgementDelay <EnhancedTimeSpan>]
[-MaxHeaderSize <ByteQuantifiedSize>]
[-MaxHopCount <Int32>]
[-MaxInboundConnection <Unlimited>]
[-MaxInboundConnectionPercentagePerSource <Int32>]
[-MaxInboundConnectionPerSource <Unlimited>]
[-MaxLocalHopCount <Int32>]
[-MaxLogonFailures <Int32>]
[-MaxMessageSize <ByteQuantifiedSize>]
[-MaxProtocolErrors <Unlimited>]
[-MaxRecipientsPerMessage <Int32>]
[-MessageRateLimit <Unlimited>]
[-MessageRateSource <MessageRateSourceFlags>]
[-OrarEnabled <Boolean>]
[-PermissionGroups <PermissionGroups>]
[-PipeliningEnabled <Boolean>]
[-ProtocolLoggingLevel <ProtocolLoggingLevel>]
[-RejectReservedSecondLevelRecipientDomains <Boolean>]
[-RejectReservedTopLevelRecipientDomains <Boolean>]
[-RejectSingleLabelRecipientDomains <Boolean>]
[-RequireEHLODomain <Boolean>]
[-RequireTLS <Boolean>]
[-Server <ServerIdParameter>]
[-ServiceDiscoveryFqdn <Fqdn>]
[-SizeEnabled <SizeMode>]
[-SuppressXAnonymousTls <Boolean>]
[-TarpitInterval <EnhancedTimeSpan>]
[-TlsCertificateName <SmtpX509Identifier>]
[-TlsDomainCapabilities <MultiValuedProperty>]
[-TransportRole <ServerRole>]
[-WhatIf]
[<CommonParameters>]
New-ReceiveConnector
[-Name] <String>
-Usage <UsageType>
[-Bindings <MultiValuedProperty>]
[-RemoteIPRanges <MultiValuedProperty>] [AdvertiseClientSettings <Boolean>]
[-AuthMechanism <AuthMechanisms>]
[-AuthTarpitInterval <EnhancedTimeSpan>]
[-Banner <String>]
[-BinaryMimeEnabled <Boolean>]
[-ChunkingEnabled <Boolean>]
[-Comment <String>]
[-Confirm]
[-ConnectionInactivityTimeout <EnhancedTimeSpan>]
[-ConnectionTimeout <EnhancedTimeSpan>]
[-DefaultDomain <AcceptedDomainIdParameter>]
[-DeliveryStatusNotificationEnabled <Boolean>]
[-DomainController <Fqdn>]
[-DomainSecureEnabled <Boolean>]
[-EightBitMimeEnabled <Boolean>]
[-EnableAuthGSSAPI <Boolean>]
[-Enabled <Boolean>]
[-EnhancedStatusCodesEnabled <Boolean>]
[-ExtendedProtectionPolicy <ExtendedProtectionPolicySetting>]
[-Fqdn <Fqdn>]
[-LongAddressesEnabled <Boolean>]
[-MaxAcknowledgementDelay <EnhancedTimeSpan>]
[-MaxHeaderSize <ByteQuantifiedSize>]
[-MaxHopCount <Int32>]
[-MaxInboundConnection <Unlimited>]
[-MaxInboundConnectionPercentagePerSource <Int32>]
[-MaxInboundConnectionPerSource <Unlimited>]
[-MaxLocalHopCount <Int32>]
[-MaxLogonFailures <Int32>]
[-MaxMessageSize <ByteQuantifiedSize>]
[-MaxProtocolErrors <Unlimited>]
[-MaxRecipientsPerMessage <Int32>]
[-MessageRateLimit <Unlimited>]
[-MessageRateSource <MessageRateSourceFlags>]
[-OrarEnabled <Boolean>]
[-PermissionGroups <PermissionGroups>]
[-PipeliningEnabled <Boolean>]
[-ProtocolLoggingLevel <ProtocolLoggingLevel>]
[-RejectReservedSecondLevelRecipientDomains <Boolean>]
[-RejectReservedTopLevelRecipientDomains <Boolean>]
[-RejectSingleLabelRecipientDomains <Boolean>]
[-RequireEHLODomain <Boolean>]
[-RequireTLS <Boolean>]
[-Server <ServerIdParameter>]
[-ServiceDiscoveryFqdn <Fqdn>]
[-SizeEnabled <SizeMode>]
[-SuppressXAnonymousTls <Boolean>]
[-TarpitInterval <EnhancedTimeSpan>]
[-TlsCertificateName <SmtpX509Identifier>]
[-TlsDomainCapabilities <MultiValuedProperty>]
[-TransportRole <ServerRole>]
[-WhatIf]
[<CommonParameters>]
Description
On Mailbox servers, you can create Receive connectors in the Front End Transport service, and the Transport (Hub) service. On Edge Transport servers, you can create Receive connectors in the Transport service.
For more information about Receive connector usage types, permission groups, and authentication methods, see Receive connectors.
You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet.
Examples
Example 1
New-ReceiveConnector -Name Test -Usage Custom -Bindings 10.10.1.1:25 -RemoteIPRanges 192.168.0.1-192.168.0.24
This example creates the custom Receive connector Test with the following properties:
It listens for incoming SMTP connections on the IP address 10.10.1.1 and port 25.
It accepts incoming SMTP connections only from the IP range 192.168.0.1-192.168.0.24
Parameters
-AdvertiseClientSettings
The AdvertiseClientSettings parameter specifies whether the SMTP server name, port number, and authentication settings for the Receive connector are displayed to users in the options of Outlook on the web. Valid values are:
- $true: The SMTP values are displayed in Outlook on the web. Typically, you would only use this setting for a Receive connector with the usage type Client (authenticated SMTP connections on TCP port 587 for POP3 and IMAP4 clients).
- $false: The SMTP values are displayed in Outlook on the web. This is the default value.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-AuthMechanism
The AuthMechanism parameter specifies the advertised and accepted authentication mechanisms for the Receive connector. Valid values are:
- None
- Tls
- Integrated
- BasicAuth
- BasicAuthRequireTLS
- ExchangeServer
- ExternalAuthoritative
You can specify multiple values separated by commas, but some values have dependencies and exclusions:
- You can only use the value None by itself.
- The value BasicAuthRequireTLS also requires the values BasicAuth and Tls.
- The only other value that you can use with ExternalAuthoritative is Tls.
- The value Tls is required when the value of the RequireTLS parameter is $true.
- The value ExternalAuthoritative requires you to set the value of the PermissionGroups parameter to ExchangeServers.
Type: | AuthMechanisms |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-AuthTarpitInterval
The AuthTarpitInterval parameter specifies the period of time to delay responses to failed authentication attempts from remote servers that may be abusing the connection. The default value is 5 seconds.
To specify a value, enter it as a time span: dd.hh:mm:ss where dd = days, hh = hours, mm = minutes, and ss = seconds.
When you set the value to 00:00:00, you disable the authentication tarpit interval. Setting the value to more than a few seconds can cause timeouts and mail flow issues.
You can configure the delay for other SMTP failure responses by using the TarpitInterval parameter.
Type: | EnhancedTimeSpan |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2016, Exchange Server 2019 |
-Banner
The Banner parameter specifies a custom SMTP 220 banner that's displayed to remote messaging servers that connect to the Receive connector. When you specify a value, enclose the value in quotation marks, and start the value with 220 (the default "Service ready" SMTP response code).
The default value of this parameter is blank ($null), which uses the following SMTP banner:
220 <ServerName> Microsoft ESMTP MAIL service ready at <RegionalDay-Date-24HourTimeFormat><RegionalTimeZoneOffset>
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-BinaryMimeEnabled
The BinaryMimeEnabled parameter specifies whether the BINARYMIME Extended SMTP extension is enabled or disabled on the Receive connector. Valid values are:
- $true: BINARYMIME is enabled and is advertised in the EHLO response. This setting requires that the ChunkingEnabled parameter is also set to the value $true. This is the default value.
- $false: BINARYMIME is disabled and isn't advertised in the EHLO response.
The binary MIME extension is defined in RFC 3030.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-Bindings
The Bindings parameter specifies the local IP address and TCP port number that's used by the Receive connector. This parameter uses the syntax "IPv4Address:TCPPort","IPv6Address:TCPPort"
. You can specify an IPv4 address and port, an IPv6 address and port, or both. The IP address values 0.0.0.0 or [::]
indicate that the Receive connector uses all available local IPv4 or all IPv6 addresses.
You need to specify a valid local IP address from the network adapters of the Exchange server. If you specify an invalid local IP address, the Microsoft Exchange Transport service might fail to start when the service is restarted.
You need to use this parameter when you use these usage type parameters:
- The Internet switch (or the Usage parameter with the value Internet).
- The Partner switch (or the Usage parameter with the value Partner).
- The Custom switch (or the Usage parameter with the value Custom).
You can't use this parameter when you use the following usage type parameters:
- The Client switch (or the Usage parameter with the value Client. The default value is 0.0.0.0:587.
- The Internal switch (or Usage parameter with the value Internal). The default value is 0.0.0.0:25.
The values for this parameter must satisfy one of the following uniqueness requirements:
- The combination of IP address and TCP port doesn't conflict with the IP address and TCP port that's used on another Receive connector on the server.
- You use an existing combination of IP address and TCP port that's configured on another Receive connector on the server, but you restrict the remote IP addresses by using the RemoteIPRanges parameter. When you create a Receive connector, you can only use the RemoteIPRanges and Bindings parameters together with the Custom and Partner switches (or the Usage parameter with the value Custom or Partner).
Type: | MultiValuedProperty |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-ChunkingEnabled
The ChunkingEnabled parameter specifies whether the CHUNKING Extended SMTP extension is enabled or disabled on the Receive connector. Valid values are:
- $true: CHUNKING is enabled and is advertised in the EHLO response. This is the default value.
- $false: CHUNKING is disabled and isn't advertised in the EHLO response.
Chunking is defined in RFC 3030.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-Client
The Client switch specifies the Client usage type for the Receive connector. You don't need to specify a value with this switch.
This usage type assigns the following default permission groups and authentication methods:
- Permission groups:ExchangeUsers
- Authentication methods:TLS, BasicAuth, BasicAuthRequireTLS, and Integrated.
When you use this switch, you also need to use the RemoteIPRanges parameter, and you can't use the Bindings parameter (the default value is 0.0.0.0:587).
You can't use this switch with any other usage type parameters (Internal, Internet, Partner, Custom, or Usage).
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-Comment
The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks ("), for example: "This is an admin note".
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-Confirm
The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.
- Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax:
-Confirm:$false
. - Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-ConnectionInactivityTimeout
The ConnectionInactivityTimeout parameter specifies the maximum amount of idle time before a connection to the Receive connector is closed.
To specify a value, enter it as a time span: dd.hh:mm:ss where dd = days, hh = hours, mm = minutes, and ss = seconds.
A valid value for this parameter is 00:00:01 (one second) to 1.00:00:00 (one day).
The default value for Receive connectors on Mailbox servers is 00:05:00 (5 minutes). The default value for Receive connectors on Edge Transport servers is 00:01:00 (1 minute).
The value of this parameter must be less than the value of the ConnectionTimeout parameter.
Type: | EnhancedTimeSpan |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-ConnectionTimeout
The ConnectionTimeout parameter specifies the maximum time that the connection to the Receive connector can remain open, even if the connection is actively transmitting data.
To specify a value, enter it as a time span: dd.hh:mm:ss where dd = days, hh = hours, mm = minutes, and ss = seconds.
A valid value for this parameter is 00:00:01 (one second) to 1.00:00:00 (one day).
The default value for Receive connectors on Mailbox servers is 00:10:00 (10 minutes). The default value for Receive connectors on Edge Transport servers is 00:05:00 (5 minutes).
The value of this parameter must be greater than the value of the ConnectionInactivityTimeout parameter.
Type: | EnhancedTimeSpan |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-Custom
The Custom switch specifies the Custom usage type for the Receive connector. You don't need to specify a value with this switch.
This usage type assigns the following default permission groups and authentication methods:
- Permission groups:None
- Authentication methods:TLS
When you use this switch, you also need to use the Bindings and RemoteIPRanges parameters.
If you don't also use the PermissionGroups parameter to assign at least one permission group, you'll need to use the PermissionGroups parameter on the Set-ReceiveConnector cmdlet after you create the Receive connector (otherwise, the Receive connector can't accept inbound SMTP connections).
You can't use this switch with any other usage type parameters (Client, Internal, Internet, Partner, or Usage).
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-DefaultDomain
The DefaultDomain parameter specifies the default accepted domain to use for the Exchange organization. You can use any value that uniquely identifies the accepted domain. For example:
- Name
- Distinguished name (DN)
- GUID
Although you can configure any accepted domain as the default domain, you typically specify an authoritative domain. The default domain is used by:
- The external postmaster address:
postmaster@<default domain>
. - Encapsulated non-SMTP email addresses (Internet Mail Connector Encapsulated Address or IMCEA encapsulation).
- The primary address for all recipients in the default email address policy. If you configure another accepted domain as the default domain, the default email address policy isn't automatically updated.
Type: | AcceptedDomainIdParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-DeliveryStatusNotificationEnabled
The DeliveryStatusNotificationEnabled parameter specifies whether the DSN (delivery status notification) Extended SMTP extension is enabled or disabled on the Receive connector. Valid values are:
- $true: DSN is enabled and is advertised in the EHLO response. This is the default value.
- $false: DSN is disabled and isn't advertised in the EHLO response.
Delivery status notifications are defined in RFC 3461.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-DomainController
The DomainController parameter specifies the domain controller that's used by this cmdlet to read data from or write data to Active Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com.
The DomainController parameter isn't supported on Edge Transport servers. An Edge Transport server uses the local instance of Active Directory Lightweight Directory Services (AD LDS) to read and write data.
Type: | Fqdn |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-DomainSecureEnabled
The DomainSecureEnabled parameter specifies whether to enable or disable mutual Transport Layer Security (TLS) authentication (also known as Domain Secure) for the domains that are serviced by the Receive connector. Valid values are:
- $true: Mutual TLS authentication is enabled.
- $false: Mutual TLS authentication is disabled.
Note that setting this parameter to the value $true is only part of the requirements for enabling mutual TLS authentication:
- The AuthMechanism parameter must contain the value Tls, and can't contain the value ExternalAuthoritative.
- The domain that's used for mutual TLS authentication must be configured in the following locations:
- The TLSReceiveDomainSecureList parameter on the Set-TransportConfig cmdlet.
- The AddressSpaces parameter on the Set-SendConnector cmdlet for the corresponding Send connector.
- The TLSSendDomainSecureList parameter on the Set-TransportConfig cmdlet.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-EightBitMimeEnabled
The EightBitMimeEnabled parameter specifies whether the 8BITMIME Extended SMTP extension is enabled or disabled on the Receive connector. Valid values are:
- $true: 8BITMIME is enabled and is advertised in the EHLO response. This is the default value.
- $false: 8BITMIME is disabled and isn't advertised in the EHLO response.
8-bit data transmission is defined in RFC 6152.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-EnableAuthGSSAPI
The EnableAuthGSSAPI parameter enables or disables Kerberos when Integrated Windows authentication is available on the Receive connector (the AuthMechanism parameter contains the value Integrated). Valid values are:
- $true: Kerberos is enabled. The Extended SMTP keyword AUTH GSSAPI NTLM is advertised in the EHLO response. Clients can use Kerberos or NTLM for Integrated Windows authentication.
- $false: Kerberos is disabled. The Extended SMTP keyword AUTH NTLM is advertised in the EHLO response. Clients can only use NTLM for Integrated Windows authentication.
The Generic Security Services application programming interface (GSSAPI) is an IETF standard for accessing security services.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-Enabled
The Enabled parameter specifies whether to enable or disable the Receive connector. Valid values are:
- $true: The Receive connector is enabled. This is the default value.
- $false: The Receive connector is disabled.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-EnhancedStatusCodesEnabled
The EnhancedStatusCodesEnabled parameter specifies whether the ENHANCEDSTATUSCODES Extended SMTP extension is enabled or disabled on the Receive connector. Valid values are:
- $true: ENHANCEDSTATUSCODES is enabled and is advertised in the EHLO response. This is the default value.
- $false: ENHANCEDSTATUSCODES is disabled and isn't advertised in the EHLO response.
Enhanced status codes are defined in RFC 2034.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-ExtendedProtectionPolicy
The ExtendedProtectionPolicy parameter specifies how Extended Protection for Authentication is implemented on the Receive connector. Valid values are:
- None: Extended Protection for Authentication isn't used. This is the default value.
- Allow: Extended Protection for Authentication is used only if the connecting host supports it. Otherwise, connections are established without Extended Protection for Authentication.
- Require: Extended Protection for Authentication is required for all incoming connections to this Receive connector. If the connecting host doesn't support Extended Protection for Authentication, the connection is rejected.
Extended Protection for Authentication enhances the protection and handling of credentials when authenticating network connections using Integrated Windows authentication. Integrated Windows authentication is also known as NTLM. We strongly recommend that you use Extended Protection for Authentication if you are using Integrated Windows authentication.
Type: | ExtendedProtectionPolicySetting |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-Fqdn
The Fqdn parameter specifies the destination FQDN that's shown to connected messaging servers. This value is used in the following locations:
- In the default SMTP banner of the Receive connector.
- In the EHLO/HELO response of the Receive connector.
- In the most recent Received header field in the incoming message when.
- During TLS authentication.
The default value is the FQDN of theExchange server that contains the Receive connector (for example edge01.contoso.com). You can specify a different FQDN (for example, mail.contoso.com).
Type: | Fqdn |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-Internal
The Internal switch specifies the Internal usage type for the Receive connector. You don't need to specify a value with this switch.
This usage type assigns the following default permission groups and authentication methods:
- Permission groups:ExchangeLegacyServers and ExchangeServers.
- Authentication methods:TLS and ExchangeServers.
When you use this switch, you also need to use the RemoteIPRanges parameter, and you can't use the Bindings parameter (the default value is 0.0.0.0:25).
You can't use this switch with any other usage type parameters (Client, Internet, Partner, Custom, or Usage).
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-Internet
The Internet switch specifies the Internet usage type for the Receive connector. You don't need to specify a value with this switch.
This usage type assigns the following default permission groups and authentication methods:
- Permission groups:AnonymousUsers
- Authentication methods:TLS
When you use this switch, you also need to use the Bindings parameter, and you can't use the RemoteIPRanges parameter (the default value is 0.0.0.0-255.255.255.255).
You can't use this switch with any other usage type parameters (Client, Internal, Partner, Custom, or Usage).
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-LongAddressesEnabled
The LongAddressesEnabled parameter specifies whether the Receive connector accepts long X.400 email addresses. The X.400 email addresses are encapsulated in SMTP email addresses by using the Internet Mail Connector Encapsulated Address (IMCEA) encapsulation method. Valid values are
- $true: X.400 email addresses can be up to 1,860 characters long after IMCEA encapsulation.
- $false: The maximum length of a complete SMTP email address is 571 characters. This is the default value.
When you set this parameter to the value $true, the following changes are made to the Receive connector:
- The XLONGADDR Extended SMTP extension is enabled and is advertised in the EHLO response.
- The accepted line length of an SMTP session is increased to 8,000 characters.
- Valid long addresses are accepted by the MAIL FROM and RCPT TO SMTP commands.
You can only configure this parameter on Receive connectors in the Transport service on Mailbox servers.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-MaxAcknowledgementDelay
This parameter isn't used by Exchange Server 2016. It's used only by Exchange 2010 servers in coexistence environments.
The MaxAcknowledgementDelay parameter specifies the maximum period the transport server delays acknowledgment until it verifies that the message has been successfully delivered to all recipients. When receiving messages from a host that doesn't support shadow redundancy, an Exchange Server 2010 transport server will delay issuing an acknowledgment until it verifies that the message has been successfully delivered to all recipients. However, if it takes too long to verify successful delivery, the transport server will time out and issue an acknowledgment anyway.
To specify a value, enter it as a time span: dd.hh:mm:ss where dd = days, hh = hours, mm = minutes, and ss = seconds.
The default value is 30 seconds.
Type: | EnhancedTimeSpan |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-MaxHeaderSize
The MaxHeaderSize parameter specifies the maximum size of the SMTP message header before the Receive connector closes the connection. The default value is 256 kilobytes (262144 bytes).
When you enter a value, qualify the value with one of the following units:
- B (bytes)
- KB (kilobytes)
- MB (megabytes)
- GB (gigabytes)
Unqualified values are typically treated as bytes, but small values may be rounded up to the nearest kilobyte.
A valid value is from 1 to 2147483647 bytes.
Type: | ByteQuantifiedSize |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-MaxHopCount
The MaxHopCount parameter specifies the maximum number of hops that a message can take before the message is rejected by the Receive connector. The maximum number of hops is determined by the number of Received header fields that exist in a submitted message.
A valid value is from 1 to 500. The default value is 30.
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-MaxInboundConnection
The MaxInboundConnection parameter specifies the maximum number of inbound connections that this Receive connector serves at the same time.
A valid value is from 1 to 2147483647, or the value unlimited. The default value is 5000.
To disable the inbound connection limit on a Receive connector, enter a value of unlimited.
Type: | Unlimited |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-MaxInboundConnectionPercentagePerSource
The MaxInboundConnectionPercentagePerSource parameter specifies the maximum number of connections that a Receive connector serves at the same time from a single IP address, expressed as the percentage of available remaining connections on a Receive connector.
A valid value is from 1 to 100 without the percent sign (%). The default value is 2 percent.
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-MaxInboundConnectionPerSource
The MaxInboundConnectionPerSource parameter specifies the maximum number of connections that this Receive connector serves at the same time from a single IP address.
A valid value is from 1 to 10000, or the value unlimited. The default value is 20.
To disable the inbound connection per source limit on a Receive connector, enter a value of unlimited.
Type: | Unlimited |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-MaxLocalHopCount
The MaxLocalHopCount parameter specifies the maximum number of local hops that a message can take before the message is rejected by the Receive connector. The maximum number of local hops is determined by the number of Received headers with local server addresses in a submitted message.
A valid value is from 0 to 50. The default value is 8.
When you specify the value 0, the message is never rejected based on the number of local hops.
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-MaxLogonFailures
The MaxLogonFailures parameter specifies the number of logon failures that the Receive connector retries before it closes the connection.
A valid value is from 0 to 10. The default value is 3.
When you specify the value 0, the connection is never closed because of logon failures.
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-MaxMessageSize
The MaxMessageSize parameter specifies the maximum size of a message that's allowed through the Receive connector. The default value is 36 MB, which results in a realistic maximum message size of 25 MB.
When you enter a value, qualify the value with one of the following units:
- B (bytes)
- KB (kilobytes)
- MB (megabytes)
- GB (gigabytes)
Unqualified values are typically treated as bytes, but small values may be rounded up to the nearest kilobyte.
A valid value for this parameter is from 65536 to 2147483647 bytes.
Base64 encoding increases the size of messages by approximately 33%, so specify a value that's 33% larger than the actual maximum message size that you want to enforce. For example, the value 64 MB results in a maximum message size of approximately 48 MB.
Type: | ByteQuantifiedSize |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-MaxProtocolErrors
The MaxProtocolErrors parameter specifies the maximum number of SMTP protocol errors that the Receive connector accepts before closing the connection.
A valid value is from 0 to 2147483647, or the value unlimited. The default value is 5.
When you specify the value unlimited, a connection is never closed because of protocol errors.
Type: | Unlimited |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-MaxRecipientsPerMessage
The MaxRecipientsPerMessage parameter specifies the maximum number of recipients per message that the Receive connector accepts before closing the connection.
A valid value is from 1 to 512000. The default value is 200.
Type: | Int32 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-MessageRateLimit
The MessageRateLimit parameter specifies the maximum number of messages that can be sent by a single client IP address per minute.
A valid value is from 1 to 2147483647, or the value unlimited.
To remove the message rate limit on a Receive connector, enter a value of unlimited.
The default value for Receive connectors on Mailbox servers is unlimited. The default value for Receive connectors on an Edge Transport servers is 600.
Type: | Unlimited |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-MessageRateSource
The MessageRateSource parameter specifies how the message submission rate is calculated. Valid values are:
- None: The message submission rate isn't calculated.
- User: The message submission rate is calculated for sending users (specified with the MAIL FROM SMTP command).
- IPAddress: The message submission rate is calculated for sending hosts.
- All: The message submission rate is calculated for both sending users and sending hosts.
Type: | MessageRateSourceFlags |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-Name
The Name parameter specifies the unique name for the Receive connector. The maximum length is 64 characters. If the value contains spaces, enclose the value in quotation marks.
Type: | String |
Position: | 1 |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-OrarEnabled
The OrarEnabled parameter enables or disables Originator Requested Alternate Recipient (ORAR) on the Receive connector. Valid values are:
- $true: ORAR is enabled and is advertised in the XORAR keyword in the EHLO response. The actual ORAR information is transmitted in the RCPT TO SMTP command.
- $false: ORAR is disabled and is isn't advertised in the EHLO response. This is the default value.
If the email address specified in the ORAR information is a long X.400 email address, you need to set the LongAddressesEnabled parameter to the value $true.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-Partner
The Partner switch specifies the Partner usage type for the Receive connector. You don't need to specify a value with this switch.
This usage type assigns the following default permission groups and authentication methods:
- Permission groups:Partners
- Authentication methods:TLS
When you use this switch, you also need to use the Bindings and RemoteIPRanges parameters.
You can't use this switch with any other usage type parameters (Client, Internal, Internet, Custom, or Usage).
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-PermissionGroups
The PermissionGroups parameter specifies the well-known security principals who are authorized to use the Receive connector, and the permissions that are assigned to them. Valid values are:
- None
- AnonymousUsers
- ExchangeUsers
- ExchangeServers
- ExchangeLegacyServers
- Partners
- Custom
The default permission groups that are assigned to a Receive connector depend on the connector usage type parameter that was used when the connector was created (Client, Internal, Internet, Partner, or Usage).
When you use the value Custom, you need to configure individual permissions by using the Add-ADPermission cmdlet.
For more information about the default permissions and security principals for permission groups, see Receive connector permission groups.
Type: | PermissionGroups |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-PipeliningEnabled
The PipeliningEnabled parameter specifies whether the PIPELINING Extended SMTP extension is enabled or disabled on the Receive connector. Valid values are:
- $true: PIPELINING is enabled and is advertised in the EHLO response. This is the default value.
- $false: PIPELINING is disabled and isn't advertised in the EHLO response.
Pipelining is defined in RFC 2920.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-ProtocolLoggingLevel
The ProtocolLoggingLevel parameter specifies whether to enable or disable protocol logging for the Receive connector. Valid values are:
- None: Protocol logging is disabled on the Receive connector. This is the default value.
- Verbose: Protocol logging is enabled on the Receive connector.
For more information about protocol logging, see Protocol logging.
Type: | ProtocolLoggingLevel |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-RejectReservedSecondLevelRecipientDomains
The RejectReservedSecondLevelRecipientDomains parameter specifies whether to reject connections that contain recipients in reserved second-level domains as specified in RFC 2606 (example.com, example.net, or example.org). Valid value are:
- $true: RCPT TO commands that contain reserved second-level domains are rejected.
- $false: RCPT TO commands that contain reserved second-level domains aren't rejected. This is the default value.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2016, Exchange Server 2019 |
-RejectReservedTopLevelRecipientDomains
The RejectReservedTopLevelRecipientDomains parameter specifies whether to reject connections that contain recipients in reserved top-level domains (TLDs) as specified in RFC 2606 (.test, .example, .invalid, or .localhost). Valid value are:
- $true: RCPT TO commands that contain reserved TLDs are rejected.
- $false: RCPT TO commands that contain reserved TLDs aren't rejected. This is the default value.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2016, Exchange Server 2019 |
-RejectSingleLabelRecipientDomains
The RejectSingleLabelRecipientDomains parameter specifies whether to reject connections that contain recipients in single-label domains (for example, chris@contoso instead of [email protected]). Valid values are:
- $true: RCPT TO commands that contain single-label domains are rejected.
- $false: RCPT TO commands that contain single-label domains aren't rejected. This is the default value.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2016, Exchange Server 2019 |
-RemoteIPRanges
The RemoteIPRanges parameter specifies the remote IP addresses that the Receive connector accepts messages from. Valid values are:
- Single IP address: For example, 192.168.1.1 or fe80::39bd:88f7:6969:d223%11.
- IP address range: For example, 192.168.1.1-192.168.1.254.
- Classless InterDomain Routing (CIDR) IP address range: For example, 192.168.1.1/24 or 2001:0DB8::CD3/60.
You can specify multiple value separated by commas: "Value1","Value2",..."ValueN"
.
Multiple Receive connectors on the same server can have overlapping remote IP address ranges as long as one IP address range is completely overlapped by another. For example, you can configure the following remote IP address ranges on different Receive connectors on the same server:
- 0.0.0.0
- 192.168.1.1/24
- 192.168.1.10
When remote IP address ranges overlap, the Receive connector with the most specific match to the IP address of the connecting server is used.
You need to use this parameter with the following usage type parameters:
- The Client switch (or the Usage parameter with the value Client).
- The Internal switch (or the Usage parameter with the value Internal).
- The Partner switch (or the Usage parameter with the value Partner).
- The Custom switch (or the Usage parameter with the value Custom).
You can't use this parameter with the Internet usage type (the default value is 0.0.0.0-255.255.255.255).
Type: | MultiValuedProperty |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-RequireEHLODomain
The RequireEHLODomain parameter specifies whether the client must provide a domain name in the EHLO handshake after the SMTP connection is established. Valid values are:
- $true: The client must provide a domain name in the EHLO handshake. If it doesn't, the SMTP connection is closed.
- $false: The client isn't required to provide a domain name in the EHLO handshake. This is the default value.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-RequireTLS
The RequireTLS parameter specifies whether to require TLS transmission for inbound messages on the Receive connector. Valid values are:
- $true: Inbound messages on the Receive connector require TLS transmission.
- $false: Inbound messages on the Receive connector don't require TLS transmission. This is the default value.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-Server
The Server parameter specifies the Exchange server where you want to run this command. You can use any value that uniquely identifies the server. For example:
- Name
- FQDN
- Distinguished name (DN)
- Exchange Legacy DN
If you don't use this parameter, the command is run on the local server.
Type: | ServerIdParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-ServiceDiscoveryFqdn
The ServiceDiscoveryFqdn parameter specifies the service discovery fully-qualified domain name (FQDN) for the Receive connector.
Type: | Fqdn |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-SizeEnabled
The SizeEnabled parameter specifies how the SIZE Extended SMTP extension is used on the Receive connector. Valid values are:
- Enabled: SIZE is enabled and is advertised in the EHLO response along with the value of the MaxMessageSize parameter. If the size of the inbound message exceeds the specified value, the Receive connector closes the connection with an error code. This is the default value.
- Disabled: SIZE is disabled and isn't advertised in the EHLO response.
- EnabledwithoutValue: SIZE is enabled and is advertised in the EHLO response, but the value of the MaxMessageSize parameter isn't disclosed in the EHLO response. This setting allows messages to bypass message size checks for authenticated connections between Mailbox servers.
SIZE is defined in RFC 1870.
Type: | SizeMode |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-SuppressXAnonymousTls
The SuppressXAnonymousTls parameter specifies whether the X-ANONYMOUSTLS Extended SMTP extension is enabled or disabled on the Receive connector. Valid values are:
- $true: X-ANONYMOUSTLS is disabled and isn't advertised in the EHLO response. This setting also requires that you set the UseDownGradedExchangeServerAuth parameter to the value $true on the Set-TransportService cmdlet on the server.
- $false: X-ANONYMOUSTLS is enabled and is advertised in the EHLO response. This is the default value.
The X-ANONYMOUSTLS extension is important when the AuthMechanism parameter contains the value ExchangeServer.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-TarpitInterval
The TarpitInterval parameter specifies the amount of time to delay an SMTP response to a remote server that may be abusing the connection. The default value is 00:00:05 (5 seconds.).
To specify a value, enter it as a time span: dd.hh:mm:ss where dd = days, hh = hours, mm = minutes, and ss = seconds.
When you set the value to 00:00:00, you disable the tarpit interval. Setting this value to more than a few seconds can cause timeouts and mail flow issues.
You can configure the delay for authentication failure responses by using the AuthTarpitInterval parameter.
Type: | EnhancedTimeSpan |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-TlsCertificateName
The TlsCertificateName parameter specifies the X.509 certificate to use for TLS encryption. A valid value for this parameter is "<I>X.500Issuer<S>X.500Subject"
. The X.500Issuer value is found in the certificate's Issuer field, and the X.500Subject value is found in the certificate's Subject field. You can find these values by running the Get-ExchangeCertificate cmdlet. Or, after you run Get-ExchangeCertificate to find the thumbprint value of the certificate, run the command $TLSCert = Get-ExchangeCertificate -Thumbprint <Thumbprint>
, run the command $TLSCertName = "<I>$($TLSCert.Issuer)<S>$($TLSCert.Subject)"
, and then use the value $TLSCertName for this parameter.
Type: | SmtpX509Identifier |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-TlsDomainCapabilities
The TlsDomainCapabilities parameter specifies the capabilities that the Receive connector makes available to specific hosts outside of the organization. Remote hosts are authenticated with TLS with certificate validation before these capabilities are offered.
This parameter uses the following syntax:
"Domain1:Capability1,Capability2,"...,"Domain2:Capability1,Capability2,...",...
You can only use this parameter in Exchange hybrid deployments, and the valid Capability values are:
- AcceptCloudServicesMail (Exchange 2013 or later)
- AcceptOorgProtocol (Exchange 2010)
More Capability values are available, but there is no scenario to use them. For more information, see Advanced Office 365 Routing.
The available Domain values are an SMTP domain (for example, contoso.com), or the value NO-TLS for non-TLS encrypted inbound connections.
For example, "contoso.com:AcceptOorgProtocol","fabrikam.com:AcceptCloudServicesMail"
.
Type: | MultiValuedProperty |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-TransportRole
The TransportRole parameter specifies the transport service on the Mailbox server where the Receive connector is created. Valid values are:
- FrontendTransport: The Front End Transport service where client or external SMTP connections occur.
- HubTransport: The Transport service where Exchange server and proxied client SMTP connections occur.
Type: | ServerRole |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-Usage
The Usage parameter specifies the default permission groups and authentication methods that are assigned to the Receive connector. Valid values are:
- Client
- Custom
- Internal
- Internet
- Partner
The following values for this parameter also require the Bindings parameter:
- Internet
- Partner
- Custom
The following values for this parameter also require the RemoteIPRanges parameter:
- Client
- Internal
- Partner
- Custom
For a description of the default permission groups and authentication methods that are assigned for each value, see the corresponding usage type switch descriptions.
You can't use this parameter with any other usage type switches (Client, Internal, Internet, Custom, or Partner).
Type: | UsageType |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
-WhatIf
The WhatIf switch simulates the actions of the command. You can use this switch to view the changes that would occur without actually applying those changes. You don't need to specify a value with this switch.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019 |
Inputs
Input types
To see the input types that this cmdlet accepts, see Cmdlet Input and Output Types. If the Input Type field for a cmdlet is blank, the cmdlet doesn't accept input data.
Outputs
Output types
To see the return types, which are also known as output types, that this cmdlet accepts, see Cmdlet Input and Output Types. If the Output Type field is blank, the cmdlet doesn't return data.