Solved

Gwia Question

Posted on 2004-09-15
5
562 Views
Last Modified: 2006-11-17
I am going to do a upgrade to groupwise sp2 Also as part of the upgrade The client would like to have a second GWIA set up
on that box as an inward facing GWIA and have the outward facing GWIA
set to refuse connections from domain.com in an attempt to
address the recent security report.  they have 2 interfaces on the email
server and are able to commit the other port to the inward facing GWIA
so we dont have to play games with port numbers. how would I accompish this?
0
Comment
Question by:eberhardt2329
  • 4
5 Comments
 
LVL 34

Expert Comment

by:PsiCop
ID: 12069893
What VERSION of GroupWise are you going to upgrade to SP2? There is an SP2 out for v5.5, v5.5EP, v6.0 and v6.5.

I'm not sure you can do exactly what you want. I would recommend that each GWIA reside in its own Secondary Domain. In the Domain(s) where the user accounts are located (probably another Secondary Domain), you would put the "outbound" GWIA as the default for Internet E-Mail (you can set this Domain-wide).

Normally, GWIA will bind to all available IP addresses when it comes up. I'm going to have to research some to see exactly how to limit this. I know it CAN be limited, but only in one direction (i.e. either for sending or receiving).

You'll need to run each GWIA in its own Address Space, also. So you need to be using NetWare v6.0 or later, preferably NetWare v6.5 SP2.
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 12069897
Standard Plug: You may have noted that GroupWise does not have its own TA under the E-Mail heading. If you'd like to help change this, then a nice (free) message in the New Topics request area would be helpful. http://www.experts-exchange.com/Community_Support/New_Topics/
0
 

Author Comment

by:eberhardt2329
ID: 12071656
the version of groupwise is 6.5 thank you for suggestions i will look forward to your future posting on this. i knowis a tricky one
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 12075352
OK, here is the isue. The GWIA will NOT, by default, ignore a given NIC for *outbound* messages. By default, it will use *any* available address when *sending*. See the Novell GroupWise v6.5 Administration Guide at http://www.novell.com/documentation/gw65/index.html, specifically Page 641.

In order to force the GWIA to bind to a specific IP address for outbound E-Mail, you must choose the "Bind to TCP/IP Address at Connection Time" option under the SMTP/MIME tab (Settings panel) of the GWIA properties.

I note in passing that GWIA will still listen on all TCP/IP addresses on the machine for incoming E-Mail. There is no way to override that behaviour.
0
 
LVL 34

Accepted Solution

by:
PsiCop earned 500 total points
ID: 12075719
So, to do what you want, list the *incoming* GWIA in your Domain's MX records. That will direct all external E-Mail coming to your GroupWise system to that GWIA. If you want, you can list the other GWIA as a lower-preference MX - be careful here to have anti-spam features turned on, because spammers will look at DNS records for all MXes for a Domain and send to all of them.  The advantage of making the "outbound" GWIA an MX is that if the "inbound" machine dies (critical hardware failure) you don't have to wait on DNS propogation to start receiving E-Mail. You can even have your firewall block inbound Port 25 connections to the "outbound" server, since legit senders won't use it unless your normal "inbound" server is down.

Then, in the Domain(s)  in which your users reside, go to the Properties of the Domain object, select the GroupWise tab, Internet Addressing panel, and force the GWIA for outbound Internet E-Mail to be the "outbound" GWIA.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Suggested Solutions

In this post, we will have a look on how to install Exchange Server 2013 from command prompt, instead of using the graphical user interface. Below are the steps that are to be performed to install Exchange Server 2013. 1. Domain Controller and…
Microsoft Outlook provides an easy way to recover permanently deleted items. When you empty the Deleted Items or simply deleted an Outlook data items using shift+Del key then it can be recovered using Registry Key settings.  Caution- Wrong Registry…
The purpose of this video is to demonstrate how to set up an account with Mailchimp. This will be demonstrated using a Windows 8 PC. Tools Used are: Mailchimp.com Go to Mailchimp.com : Enter an Email, Username, and Password. Click Create My Acco…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now