OpenSSL SAN Zertifikat


[req]
req_extensions = v3_req

[ v3_req ]

# Extensions to add to a certificate request

basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = server1.yourdomain.tld
DNS.2 = mail.yourdomain.tld
DNS.3 = www.yourdomain.tld
DNS.4 = www.sub.yourdomain.tld
DNS.5 = mx.yourdomain.tld
DNS.6 = support.yourdomain.tld


openssl genrsa -out srvr1-yourdomain-tld-2048.key 2048
openssl req -new -out srvr1-yourdomain-tld-2048.csr -key srvr1-yourdomain-tld-2048.key -config openssl-san.cfg


openssl req -text -noout -in .csr

Exchange 2010 Anonymer Relay

Zuweisen von Benutzerrechten für einen anonymen Relay:

New-ReceiveConnector -Name 'TEST' -Usage 'Custom' -Bindings '0.0.0.0:25' -Fqdn 'test.xxx.com' -RemoteIPRanges '192.168.1.53' -Server 'EX1' -ProtocolLoggingLevel 'Verbose' -PermissionGroups 'AnonymousUsers'


Get-ReceiveConnector "Relay" | Add-ADPermission -User "NT-Autorität\Anonymous-Anmeldung" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"