I am in the process of configuring an Exchange server 2003 for my company. We will have only one Exchange Server in the network. I have been having extreme difficulty accepting email from the oustide world. I have a Foritigate Firewall 100 with SMTP opened. We currently have an old Linux RH 8.0 running Sendmail and configured as POP3 server for our current email infastructure. We have no problems getting email there. I will be using the same MX record. Mail.scop.net MX record points to our Firewall then our Firewall has a TCP Port forwarding (25) to the Mail Server. Al lI have been doing is chaning the I.P. Address on this pot forwarding from 192.168.0.6 our Sendmail server to 192.168.0.13 (New Exchange Server). I know that with in the internal organization clients will use MAPI to communicate with the Exchange Server so they are not using SMTP to make that connection. I can send email to the oustide world Yahoo.com MSN.com and so forth so my DNS setting on the server makes SMTP connections to the outside world. I have enabled logging on the SMTP Virtual Server and I see the outside EHELO and connections in the logs. I know it is not my MX record since I got to dnsreport.com and when I have my Firewall set to go to the Sendmail Server it works fine:
mail.scop.net. - 63.196.74.226 [Successful connect: Got a good response [250 2.1.5 <dmartinez@scop.net>... Recipient ok]] (took 0.766 seconds)
Now when I set the Firewall to the Exchange Server I get the following:
mail.scop.net. - 63.196.74.226 [Could not connect: Connection closed before I received all my data]
At first I could not telnet to the Exchange server from my workstation but I added our subnet to the Allow Connections and now I can telnet into the server. But when logged on to the server locally I cannot telnet into the localhost. I cannot telnet from the oustide world. I can't even do that when I have the firewall to the sendmail server so I am not sure what is going on there, that would have to be a firewall issue. Since we do receive emails from the outside on our SendMail, I would have to say I do not have a DNS Problem. The receipient policy is set for our register domain @scop.net. Our AD network is set to scope.local. I modified the default recepient poliy to set @scop.net as the Organization's responsible SMTP Domain. I was successfull to run a smtpdiag from my workstation but I am not succefull to run it outside out domain. This I beleive is associated with our telnet issue on the Firewall. I have configure OWA, OMA, and AES for this server all secured with a certificate from godaddy.com. This works fine with no problems. I believe it is a security configuration on the SMTP Virtual Server in Exchange that is causing me these problems. For the Authentication I have the three enabled Anonymous, Basic and Windows Integrated. For connection control I have our internal subnet granted access. (This is what gave me the ability to telnet from my workstation to the Exchange Server). Relay Restrictions i hav the default. I installed Network Monitor and I see SMTP packets coming from my Firewall so the Firwall is not a problem! I also do a netstat -o and see the outside I.P. address with a TIME_WAIT status on port 25. I have been dealing with this all day. Getting ready to deploy on the 17th of this Month. Looking for some direction on this problem. I have looked all over on this forum and several others. I hope I have passed enough information for someone to give me some guidance. As I said this will be a one Server implementation not a front-back end configuration for our company.
Thanks in Advance!
Dennis
Start Free Trial
