ISA 2004 with Exchange 2003 SMTP

Anyone know how to set this up from scratch after the ISA 04 box and Exchange 03 box are up and running?

I've tried and can't get mail to flow.

I cannot get my test lab configured to use SMTP at all...I'm so lost!


w2k3 ad domain

2 DCs - both with DNS installed

1 ISA 2004 - connected to the internet fine...clients connect to internet fine.

1 Exchange 2003 - internal mail works fine

2 clients

I have updated the MX records and A records for the domain to point to and have set the IP to the external IP of the ISA server.

I have used the mail publishing wizard in ISA 2004 and set the IP to publish as the internal IP of the Exchange server, and set it to receive from external and internal.

No mail goes outbound or inbound. I can however telnet into the external IP of the ISA server to port 25, but even then I can't send mail to internal.

PLEASE HELP. IS THERE A BASIC WALKTHROUGH of how to do this as a brand new install or scenario?
LVL 23
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Check   "Supporting ISA Server 2000 Publishing of Exchange Server 2000/2003 with SMTP Relays - Part 3: Creating a Simple Anonymous Inbound SMTP Relay and Links to More Resources" at:

Other tutorials to be found at

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
You have to set up Site and Content Rule based on the ip address of you mailerver to let it access the outside world.
It's something like

Allow mail --> Client Sets: (Mail Servers ip address) --> All destinations

Also you have to create Protocol rules, it's something like this

Allow Mailprotocol SMTP --> Protocol SMTP --> Client Sets:(Mail Servers ip address)

If you would like to allow pop3 you can make above Protocol Rule for Pop3.

After this, go to your Exchange System Manager and force a connection on your SMTP engine to see if it works. Also, after editing the firewalls rules, be sure to restart the firewall and proxy services..

I don't know why you have to do it like this, but just try it, it works nice for me...
TheCleanerAuthor Commented:

Not sure how to do this...

I found the answer from a guy at but the above answers also helped some in the situation.

I'd like to assign 100 points each for the help...but I didn't get my answer here...
KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

The Cleaner,

If you found your answer at, as you say and  as I recommended, then I have given you the direction for your answer and have earned the points fairly....and you should award them.

If you feel that rhandels also gave you information that was useful to you, then of course, you may, and should, split the points between us.

The one thing you may not do is reduce the points you offered for the solution after getting that solution.
TheCleanerAuthor Commented:
I don't mind giving JConchie and rhandels the points...I really don't care about the points, but their answers did not solve the question.

The link Jconchie sent me to was a link at for ISA 2000, not 2004, and it didn't work after using the link's information...although it did explain the concepts.

However, I did contact the moderator at and he helped me work through my issues with the differences between 2000 and 2004 using Exchange 2003.

Therefore, I am saying that the answers here did "assist" in me finding the answer...if that warrants the full point value according to the rules of this site, than that is acceptable to me.  I don't want to cheat anyone out of points, I just want to know what the proper turn of events should be in this kind of situation.

Let me know.
Hi TheCleaner,

Here's my 2 cents on this one. No we didn't answer the question for you. But, by my good knowledge, this site tries to help people with problems regarding their pc, network and so on. We don't know all and everything (unfortenately). As you stated, JConchie guided you to the site and my comment was somewhat heplful to you. Then i'd say split the points. Give JConchie the accepted answer and me the assisted answer and give us a c grade. You only give a c grade of people helped you a little bit into the right direction, but didn't solve the actual problem for you.

If anyone doesn't agree with me, please post the comment. But i hope whe can focus on what we are trying to do here, help people with a problem they have. And eventually, your problem is solved..... (which is, in my honest opinion the best post of all......)
Actually, a "C" grade is reserved for questions that really were not solved by the list *after* the questioner  had asked for further detail or clarification....and not received "A" or "B" is appropriate here.
TheCleanerAuthor Commented:
OK, just so everyone is aware, I'm not trying to cheat the system...

I've awarded the points, and the B grade, as instructed.

Thank you to both jconchie and rhandels for their help, and hopefully they won't look the other way in the future when I ask a question. :)
no problem.
No hard feelings here..... Just aks the question and we will jump on it... ;)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.