How to Configure Exchange 2010 with Nervepoint Access Manager

This article covers how to configure Nervepoint Access Manager to use Exchange 2010 both using an authenticated session as well as an unauthenticated session.

Configuring Authenticated SMTP

Step 1: Configure Nervepoint Receive Connector

  1. If you do not have one you can use, create a user account for Nervepoint to use for authentication. For example 'nervepointsmtp'.
  2. Give that user an Exchange account. 
  3. Create a new Receive Connector called "Nervepoint SMTP relay" or something.

 exchange-connector-authenticated-step-1.jpg

 Step 2: Configure Network

Configure for the IP address of Nervepoint (for added security), and choose a free e.g. 2500.

exchange-connector-authenticated-step-2.jpg

 

Step 3: Configure Authentication Tab

exchange-connector-authenticated-step-5.jpg

Enable the following settings:

  • Transport Layer Security
  • Basic Authentication
  • Offer Basic authentication only after starting TLS
  • Integrated Windows authentication
  • Externally secured 

 

Step 4: Configuring Permission Groups

exchange-connector-authenticated-step-6.jpg

Enable the following settings:

  • Exchange users

Step 5: Configure Your Nervepoint Server 

From the mail configuration page (Administrative portal->Configuration->Network) disable 'Simple Mode'. This will allow you to configure your own Exchange mail server for use by Nervepoint Access Manager.

mail.png

Set the following:

  • Mail Server Hostname - use the hostname or IP address of the exchange server.
  • Mail Server Port - set to 2500 (or whatever you chose for the receive connector).
  • Mail Server Username/password - use 'nervepointsmtp' (or the credentials of whatever account you chose/created)
  • TLS - enable
  • Default Send Address - we recommend using the sender address of the account used for authentication, e.g. nervepointsmtp@mydomain.com. You may be able to use others, but this will probably require further configuration on Exchange

After saving these settings Nervepoint will be configured to use a secure authenticated session with your mail server to send out email notifications to your users.

Configuring Unauthenticated SMTP

We recommend that authenticated SMTP is used and this process should be used if you cannot get an authenticated configuration working.

Step 1: Configure a new Receive Connector

  1. Set up a new Receive Connector on your Exchange server.
  2. Allow only the IP address of the nervepoint server to connect to it (say on port 2500).
  3. Select 'Anonymous' in the 'Permission Groups' tab of the connector properties
  4. Uncheck all checkboxes in 'Authentication' tab except for 'Transport Layout Security (TLS)'

Step 2: Configure Your Nervepoint Server

From the mail configuration page (Administrative portal->Configuration->Network) disable 'Simple Mode'. This will allow you to configure your own Exchange mail server for use by Nervepoint Access Manager.

  1. Set Mail Server Port to 2500
  2. Remove both the username and password. This will force Nervepoint to use an anonymous SMTP connection.

After saving these settings Nervepoint will be configured to use a insecure anonymous session with your mail server to send out email notifications to your users.

Have more questions? Submit a request

Comments

Powered by Zendesk