Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 357
  • Last Modified:

ISA Server, Exchange Server and MX Records

I need to install Symantec Antispam for SMTP on my network but I am not to sure where to start?

Here is my setup:  ISA Server 2000 is the first line of defense (member server/DMZ),  Exchange 2000 (domain controller/DNS/AD) is published behing the ISA 2000 Server incluidng it's publishing rules.  I have Symantec Antispam installed on seperate Windows 2000 (member server).

I have spoken with Symantec and they help me with the configuration and it's ready to use! Symantec said, all I need now is to route my emails from my Exchange Server to my Symantec Antispam Server for filtering!

My question is the following.  How do I configure Exchange 2000 to route emails to my  Antispam Server first..   Do I need to change my MX records at my ISP Provider; Due I configure Exchange Server SMTP; or do I do this at the ISA Server Firewall.

I am really stuck on this one, not to sure where to start?

Luis M. Rodriguez, MCP.
0
lrodriguez
Asked:
lrodriguez
  • 4
  • 4
1 Solution
 
SembeeCommented:
Simply create an SMTP connector in ESM. Add a "Smarthost" and enter the IP address or dns name (prefered) of your Symantec machine. Leave the cost and domain as default and away you go.

However why do you need to scan outbound email? Are you sending spam out?
Instead what I thing you need to do is adjust the firewall to route all SMTP traffic to the Symantec installation first, then there should be an option in the software to forward the email to your real SMTP server which is your Exchange machine.

Simon.
0
 
lrodriguezAuthor Commented:
I will try this, over the weekend.  Is there a website that can visaully show me how to do this?  
0
 
SembeeCommented:
I can point you in the direction of setting up a Smarthost.

http://www.amset.info/exchange/smtp-connector.asp

As for Symantec, you should probably look at Symantec's web site.

Simon.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
lrodriguezAuthor Commented:
Thanks for the great article from amset.infor in regards to AOL.COM problem!  It appears that everyone is fighting spam.

So correct me if I am wrong!

If I create an SMTP Connector and Smart Host on my Exchanger Server I can actually have the Exchange Server forwad all my emails to the spam server first for filtering and then my Spam Server would re-routed back to the Exchange Server for delivery?

Also, I can use SMTP Connectors to tell my Exchange Server to accept or deny other email domains such as yahoo.com, hotmail.om and aol.com?  


Thanks,

Luis M. Rodriguez, MCP.
0
 
SembeeCommented:
You would use the same SMTP connector for all domains that you are having problems with. The SMTP application you are using should be able to deliver the messages - they should not be sent back to the Exchange server.

However why do you need to filter outbound email?

Simon.
0
 
lrodriguezAuthor Commented:
Simon,

You stated on one of your replies the following:

"Instead what I think you need to do is adjust the firewall to route all SMTP traffic to the Symantec installation first, then there should be an option in the software to forward the email to your real SMTP server which is your Exchange machine".

You’re correct on the Symantec installation!  There is an option in the Symantec installation to forward the emails back to my real SMTP server, but I am not to sure how to configure this at the firewall.  Do you know of any isaserver.org tutorials or Microsoft KB articles that I can use in order to get my spam server on the network.

Thanks,

Luis M. Rodriguez, MCP
0
 
SembeeCommented:
I don't use ISA server - I personally prefer a real firewall to protect my networks.
There should be an entry on there for SMTP from external which currently points at another server. This needs to be pointed at the Symantec server.
The Symantec server then needs to pointed at another SMTP server for email delivery - this is NOT the Exchange server though - it could be a server provided by your ISP.

Simon.
0
 
lrodriguezAuthor Commented:
Thank you.  You were right on the nose.  I need to configure my ISA server to point to my Symantec install.  I had to change the publishing rules in ISA server and then create a SMTP coneection and use the smart host.

Thank you again.  
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now