Network Scanners and Exchange 2007

There are some nice additions to Exchange 2007, and one of the items is the ability to have it easily accept emails from in-network machines (like MFPs, Copier/Scanners) so you can scan to email without having to set up a separate user.  The problem is that it will only accept emails that are addressed to accounts within the same domain (eg,  However, with a little work, you can set up another SMTP Receive Connector to allow emails sent to out of domain addresses (eg,

Thanks to the fine folks at Petri for pointing me in the right direction.

  • Open the Exchange Management Console and go to Server Configuration/Hub Transport
  • Click “New Receive Connector”
  • Give the new connector a meaningful name (“scanner”), select Custom as the type, and a port other than 25 or 587 (which are used by the default connectors).  Obviously if you have changed the default ports then you need to pick something other than those.
  • Right-click the new connector, go to Properties make the following settings:  Permission Groups Tab; Anonymous Users only.  Network Tab; remove the default IP address range and add the IP address(es) of the appropriate device(s).  Authentication Tab; Transport Layer Security (TLS) only.
  • Open the Exchange Management Shell and run the following command:  Get-ReceiveConnector scanner | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “ms-Exch-SMTP-Accept-Any-Recipient”. Note that the “scanner” name is what was used in this example, and you should change the command to match waht you named the new receive connector.
  • Restart the MS Exchange Transport service.
  • Use your favorite MX Record checker (like MXRecordToolbox) to ensure you haven’t created an open relay.
  • Configure the Scanner/Copier/MFP to use the SMTP connector, including the port number you set up.

Now, go forth and scan some more!

This entry was posted in General. Bookmark the permalink.

4 Responses to Network Scanners and Exchange 2007

  1. The post is really very good and informative, thanks.

  2. Armen says:

    Thanks for the info, you saved my day.

  3. Great info, I found the text needed some editing for the Exchange Management Shell. I used the following text and it worked perfect!
    Get-ReceiveConnector “scanner“| Add-ADPermission -User“NTAUTHORITY\ANONYMOUS LOGON”-ExtendedRights “ms-Exch-SMTP-Accept-Any-Recipient”

  4. stas says:

    Used port 25 (yes, same as other connectors) without TLS (everything unchecked in the appropriate tab) for bizhub c203. Worked like a charm.

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>