compuit

Masquerading on the Exchange 5.5 server?

I have an RS6000 (UNIX-type system), IP 200.0.0.1, set up to direct all generated email to be sent to an Exchange 5.5 SBS Server on IP 200.0.0.2.
The Exchange 5.5 Server relays the email to the internet addresses as specified in the routing / Relay tab OK. However, the email header is messy and is in the format of emailID@[200.0.0.2] (some systems do not like this, invalid "from address" in header).
I wish to have the email from header written as emailID@domainname.ab.xy
How do I accomplish this function (Masquerading) on the Exchange 5.5 server?

Please Help... First time user all my points are on this one :-(
ASKER CERTIFIED SOLUTION
steinmto

ErikKruijswijk

This can be done.
It was hard to find out, but I did.
This is from my knowledgebase:

SUMMARY

In a previous article the following was stated:

(Title: How to use Internet Mail Service to reroute messages)
"Administrators of Microsoft Exchange server 5 and higher have the ability to reroute internet mail messages with the originating 821 header intact, or rewritten to the site associated to the host where the IMS is homed."

However, when implementing the solution as described in the article, messages will not be rerouted in case of the secondary mail server/domain being in the same internal network.



CAUSE

To resend incoming messages on a communications computer to another mail server on the internal network (this setup is commonly used to increase connection security), the original rcpt-to header of the message needs to be preserved so that a proper reply can be generated by the mail client software. To keep the RFC-821 rcpt-to header, messages need to be forwarded. Exchange server is capable of doing that using the forwarding rule. It is defined using the 'Specify by email Domain'-button on the 'Connection'-tabsheet: define which domain to forward and to which IP-address to forward to.

However, when an incoming message is to be forwarded to the defined domain and the domain is on the same network (the domain name is the same), the message will not be handled as an outbound message. Because it is not an outbound message to the internet, the forwarding rule will not be applied.



RESOLUTION

You have to make clear to Exchange server that the inbound domain is actually the same as the outbound domain. Then Exchange server will handle the messages as real outbound messages and will apply the forwarding rule.

To do that you will have to enter a routing rule (this is different than what is mentioned in the original article). Open the IMC-properties and choose the 'Routing'-tab.

- activate 'Reroute incoming messages'
- delete the default <inbound> rule.
- add a new rule that reroutes all messages for 'DOMAIN.XXX' to 'DOMAIN.XXX' (they must be identical)
- confirm the entry.
- close the IMC-configuration and restart the IMC-service.

Now all inbound messages for 'DOMAIN.XXX' will be forwarded to the mail server at the IP-address mentioned in the forwarding rule.

Hope this helps you..
Avatar of compuit

ASKER

Erik,

The proposed solution you described.... Would it have any impact on the clients currently connecting to the Exchange server?
As I understand the following changes will need to take place on the exchange 5.5 server.

1.  'Specify by email Domain'-button on the 'Connection'-tabsheet, define which domain to forward and to which IP-address to forward to
(Currently this step 1 has no email domain or IP defined)

2. - activate 'Reroute incoming messages'
3. - delete the default <inbound> rule.
4. - add a new rule that reroutes all messages for 'DOMAIN.XXX' to 'DOMAIN.XXX' (they must be identical)
5. - confirm the entry.
6. - close the IMC-configuration and restart the IMC-service.

Oh, damn.. sorry, this is the way to forward messages WITH Exchange server 5.5

Well, you reroute the messages to other email addresses, right?

Little drawing:

Server A           Exchange5.5              Popbox1
200.0.0.1          200.0.0.2                x.x.x.x
e-mail to PB1      forward to PB1           e-mail from ID@200.0.0.2

Is this the way it is now ??

When you say internet clients, do you mean those outside of your organisation or SMTP recipients inside of your organisation?

If you mean outside, then would it not be possible for you to implement domain masquerading at the firewall level, provided of course it has SMTP proxy capabilities?
Avatar of compuit

ASKER

Erik,

I carried out the operation and found that the header remained unchanged for mail sent from the RS6000. Also inbound mail created a "loop" where incoming mail to 'DOMAIN.XXX' from internet was routed straight to the outbound queue. I apologise, as my scenario may not be so clear. The Exchange5.5 has a dialup connection to the 'DOMAIN.XXX' ETRN mail queue.

Server A on LAN to Exchange5.5 to dialup

Server A [Unix]         Exchange5.5              Popbox1
200.0.0.1               200.0.0.2                x.x.x.x
e-mail to internet      forward to PB1           e-mail from ID@[200.0.0.2]

Note : All Outlook clients connecting to Exchange5.5 server have no problem and all headers as desired.

hstiles,

Yes, recipients outside the organization. Basically any mail sent from Server A places the "[200.0.0.2]" instead of 'DOMAIN.XXX'

To implement domain masquerading at the firewall level provided it has SMTP proxy capabilities. What product do you recommend? However I am hoping this can be implemented with what I have currently.

The comment placed earlier in this call that Exchange 2000 has addressed this is great but I do not have this product.

Thanks for the feedback so far, really appreciate it. Back to the drawing board.

If you're using dial-up for mail, then an SMTP proxy is of little or no use.  Otherwise I'd have suggested something simple like a Firebox or PIX.

Do you have any plans to move away from using ETRN for mail in the near future?

Is there no way you can configure sendmail on the RS6000 with its own SMTP connector that in turn forwards onto your Exchange server as some kind of Smarthost?  This would force sendmail to add a valid domain to outbound mail.
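
The sendmail-side approach suggested above, as an added example that is not part of the original thread: lines for the sending host's sendmail.mc. It assumes a sendmail 8.x configuration built from m4 (the RS6000's actual sendmail setup is not shown in the thread) and reuses the thread's own placeholders domainname.ab.xy and 200.0.0.2.

```m4
dnl Added example: fragment for sendmail.mc on the sending host.
dnl Assumption: the host's sendmail.cf is generated from an m4 .mc file.
dnl domainname.ab.xy and 200.0.0.2 are the placeholders used in the thread.

dnl Hand all non-local mail to the Exchange server. The brackets make
dnl sendmail connect to that address directly, with no MX lookup.
define(`SMART_HOST', `[200.0.0.2]')dnl

dnl Rewrite the host part of sender addresses in the message headers
dnl (From:, Reply-To:, ...) to the public mail domain.
MASQUERADE_AS(`domainname.ab.xy')dnl

dnl Also rewrite the SMTP envelope sender (MAIL FROM), which is the
dnl address the next hop uses for bounces and sender-domain checks.
FEATURE(`masquerade_envelope')dnl

dnl Add a domain to unqualified names (a bare "emailID") even on
dnl locally delivered mail, so no address leaves the host without one.
FEATURE(`always_add_domain')dnl

dnl Leave root unmasqueraded so system mail stays attributable to the
dnl host that generated it.
EXPOSED_USER(`root')dnl
```

After sendmail.cf is regenerated from the .mc file and sendmail is restarted, a test message relayed through 200.0.0.2 should show the domain, not an address literal, in both the From: header and the envelope sender.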
Avatar of compuit

ASKER

hstiles,

The only developments planned in the next 2 months are replacing the dialup connection with DSL (Broad Band) and possibly the addition of a Linux based system.
The RS6000 is simply set up to fire its outgoing mail at the Exchange server's IP address 200.0.0.2. Now from there Exchange relays it internally or to the outside world depending on email address. In fact I notice when the email is sent internally the header reads as ID@[200.0.0.2] as well, so you may have a point there that some work needs to be done on the RS6000??
Would the problem be the way the RS6000 presents the SMTP header to Exchange or is the Exchange system doing something crazy?
Avatar of compuit

ASKER

Can someone help? Or is this operation not possible without upgrading to Exchange 2000 or introducing another SMTP server?
Avatar of compuit

ASKER

Well, it appears that steinmto has the answer to this scenario.

Thanks
Avatar of compuit

ASKER

Thanks, Red Hat Linux 7.3 on its way.