Hello, I have migrated my old Exchange 2010 server to a new Exchange 2013 without any issues and gracefully removed the Exchange 2010 server off of the network.  Everything is working correctly and I have installed my 3rd party UCC certificate for mail.mydomain.com.  My internal mail server address is exchange.mydomain.local and obviously my external address is mail.mydomain.com. I then went through and changed all of my Exchange 2013 internal and external URLs settings along with Outlook Anywhere and Autodiscover to reflect my SSL cert name mail.mydomain.com.  When I look at the scoping options for all of the receive and send connectors do I want to configure all of the FQDN for mail.mydomain.com?  Currently I have the default receive connectors that get installed with Exchange 2013 and I have created the send connector. The next question is that I have a 3rd party spam filter and I'm noticing that it is logging Whitelisted authenticated session, type:organization.. When I emailed the spam filter support they tell me that:

This indicates issues with Exchange trusts. The log indicates that the email was whitelisted, because it was authenticated with organization type authentication. This typically indicates that the internet-facing Exchange connector is misconfigured and treats all emails as coming from trusted servers.

You should have one Receive connector through which external emails are received, it should not be trusted http://technet.microsoft.com/en-us/library/jj657447(v=exchg.150).aspx  Use a separate connector for internal emails (that could be trusted) http://technet.microsoft.com/en-us/library/jj657448(v=exchg.150).aspx

When I look through all of the settings they look correct but I must be missing something because my Exchange 2010 server never logged these messages.  What setting should I change to fix this?

My Questions:
1. When I look at the scoping options for all of the receive and send connectors do I want to configure all of the FQDN for mail.mydomain.com if not which ones should be changed?
2. What settings should I change on the receive connectors to make sure that I fix the trust issues that they saying I'm having?

Thanks Ryan.

• Edited by Ryan Laurie Tuesday, February 24, 2015 5:56 AM

According to your description, I notice that 3rd party spam filter logged a strange record after migrate Exchange 2010 to Exchange 2013.

Yes, that is probably because of the new receive connectors in Exchange 2013 that is what I'm trying to figure out. I'm wondering if I have to change any settings on those connectors to fix the issue. In my original post the third party spam filter party responded back to me saying I had an Exchange trust issue and it indicates that the internet-facing Exchange connector is misconfigured and treats all emails as coming from trusted servers.

Do you deploy cross-forest migration and create any trust when implementing migration?

No to this question.

Here is all of my settings for my receive and send connectors, like I said I have changed all my URL's to match my external address mail.mydomain.com that is listed on my 3rd party SSL UCC Cert.  My local address for the server is Exchange.mydomain.local. Just a reminder I have gracefully removed the Exchange 2010 server off of the network.

https://onedrive.live.com/embed?cid=422820AC84A88F4E&resid=422820AC84A88F4E%21182&authkey=ACDNZxfRPkI8hvU&em=2

Hi,

Everything looks like fine.
Is there any error message in your IIS log or Event log?

If everything is good, because of Microsoft do not know the working principle of 3rd application, I recommend to contact program provider so that you can get more professional suggestion about this application.

Best Regards,
Allen Wang