Original Author: Robert Mitchell - Posted October 29th 2015

We first communicated this change in December of 2014 via email, then sent out reminder emails on June 8 and September 11 of this year, as well as posting it as a news item in our ticketing system. We can get you sorted out now, though.

As for the new settings, customer firewalls and Exchange access control (Receive connector) should reflect the following:

Subnets for SMTP

• (
• (

Subnets for LDAP

• (
• (

And if needed an update SPF (TXT) Record

• v=spf1 mx include:reflexion.net ~all


Exchange 2013
1. Mail Flow, Rules, Create a new rule
2. Apply this rule if, sender location is Outside the Organization
3. Do the following - recommend reject or delete the message
4. Click More options
5. Add Exceptions for the Reflexion IP addresses
• (
• (

Exchange 2007/2010
Open the Exchange Management Console
Navigate to Server Configuration > Hub Transport > Default Receive Connector > Properties > Network tab
Under "Receive mail from remote servers that have these addresses:" find the entry that says and delete it
Under "Receive mail from remote servers that have these addresses:" click Add
Input the first Reflexion IP range; repeat this step for each Reflexion IP
• (
• (

Click on the Permission Group tab and ensure that "anonymous users" is checked
Stop and restart the MSExchangeTransport service on the HUB transport server(s)

Exchange 2003
Open the Exchange System Manager
Expand Servers > Server Name > Protocols > SMTP > right-click "Default SMTP Virtual Server" (or the active receive connector name) and select Properties
Navigate to the Access tab and then select the Connection button
Remove any entries from previous providers or entries that have the IP range -
Click Add to enter a new IP restriction
Select the group of computers option, insert the first IP range for Reflexion, click OK; repeat this step for each of the Reflexion IPs
• (
• (
Restart the Simple Mail Transfer Protocol (SMTP) service to apply the changes