Although recommended, not every environment will deploy an Edge Transport server in the perimeter network. Smaller businesses or ones that wish to use a third-party or hosted solution will deploy a Hub Transport server and work with mail flow in and out of their organization through that system. If you set up the Hub Transport server and send mail to another user in the organization everything seems to work just fine. But when you try to send mail out or receive mail in it doesn’t seem to work out. If you have typically set up Exchange with an Edge Transport subscription this may be a bit odd because with the EdgeSync process the send/receive connectors are automatically set up for you. But this isn’t the case if you just deploy the Hub Transport server.
The solution requires two steps (assuming you already have your external DNS MX records pointed to your Exchange server). The first part is to create a send connector (located under Organization Configuration – Hub Transport) that uses an asterix (the * symbol) to tell Exchange that all email not going to your internal organization should go in the direction of the connector. If you are using a hosted solution you want the mail to go towards you will configure a smart host connection. If you just want that email to go out to the Internet you will use MX records and DNS to route the mail. Creating this send connector will allow mail to flow outside your organization now. To have mail flowing into your organization you will need to configure the Default receive connector (located under Server Configuration – Hub Transport) by adjusting permissions to allow anonymous connections. Now persons can send email towards your organization and it will be accepted.
One of the other missing pieces of a Hub Transport server that you don’t have automatically available is the anti-spam settings. The HT server has the ability to perform anti-spam control using the same 9 features that the Edge Transport has but the tab and the options just aren’t available by default.
To fix this problem, on your Hub Transport server you want to open your Exchange Management Shell and navigate to the Scripts folder. Run the .\Install-AntiSpamAgents.ps1 script. Once complete restart the Exchange Transport service (type restart-service msexchangetransport) and then configure the internal SMTP servers (type set-transportconfig –InternalSMTPServers (IP address of server(s))
Once complete you can open the Exchange Management Console and see the new Anti-Spam tab under Organization Configuration – under the Hub Transport option.
As you can see, it does take a bit of extra work when you aren’t deploying an Edge Transport server. But you can get your Hub Transport up and ready with a little bit of manual intervention. You’ll have mail flow moving in and out of your organization in no time, with anti-spam protection keeping you safe at the same time!