[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

How to setup Authentication against my Domain for my Secure SMTP Relay running on my ISA Firewall box.

Posted on 2004-10-11
4
Medium Priority
?
250 Views
Last Modified: 2013-12-04
Hope this is possible...

I have a secure authenticated SMTP relay running on my ISA 2000 firewall box.  This is a W2K Server with IIS 5.0 SMTP services and is a stand alone server located in my perimeter network (same subnet but is not part of my Domain).

When I am outside of my network, I authenticate against the SMTP relay ONLY IF the User Account exists on the stand alone server (ISA Box).  Then the relay forwards mail appropriately.

Obviously, I do not want to maintain users and passwords both on the ISA 2000 box and in the Domain, but want the users to authenticate against my domain AD.

I have been unfruitful thus far in figuring out how to accomplish this.

Anyone have any suggestions or guidance?

Thanks in advance,

Dave
0
Comment
Question by:dabrennan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 11

Expert Comment

by:mwnnj
ID: 12282663
Hi dabrennan,
i found theeses artices,if yoou wish read point:
"Preventing the IIS 5.0 SMTP Server from Relaying E-mail Messages" from the url:
http://support.microsoft.com/default.aspx?scid=kb;en-us;q310356&sd=tech

What about enabling Basic Authentification on your IIS using SSL?

http://www.winnetmag.com/Web/Article/ArticleID/15843/Web_15843.html
http://www.win2000mag.com/articles/index.cfm?articleid=8443
http://support.microsoft.com/default.aspx?scid=kb;en-us;301457&sd=tech

Please,post here your reply ;eg whether i have understood you right or not.
Thanks!
-------------------
Additional sources:
http://www.iis-resources.com/index.php
http://www.isaserver.org/
http://www.microsoft.com/technet/itsolutions/howto/admhow.mspx
http://support.microsoft.com/default.aspx?scid=kb;en-us;300958&sd=tech
0
 

Author Comment

by:dabrennan
ID: 12291365
<<<<  Excerpt >>>>>

 Using ISA Server 2004 RADIUS Authentication in Web Publishing Rules (Part 1)
    Date - Oct 07, 2004      Author - Paul Baldwin      Section - Tutorials :: Publishing

A valuable feature in any firewall is an ability to authenticate users before they are allowed to communicate with servers behind that firewall. ISA Server is one of the few firewalls that can provide this service for any Web servers that it publishes, [[[[[[[[[but previously this feature had only been practical if the ISA Server was a domain member with access to the Active Directory.]]]]]]]]]]] With ISA Server 2004 additional methods of authenticating were introduced, one of which allows the ISA Server to authenticate users in the Active Directory without requiring the ISA Server to be a member of that Active Directory forest. The mechanism it uses is RADIUS, a protocol perhaps better known in connection with dial-up and VPN access.

<<<<< www.isaserver.org >>>>>>>

1. I can either disable the SMTP Application Filter on ISA (Which eliminates my protection against buffer overflow) and use a Server Publishing rule to authenticate directly against my Exchange Server SMTP Service.  (Not use a secure SMTP authenticated relay on the ISA Server at all).

or

2. Must become a member of a domain and setup an incoming one way non-transitive trust to my domain so users can authenticate against my Domain's AD at the ISA Server Box at my Secure SMTP relay.
0
 

Accepted Solution

by:
RomMod earned 0 total points
ID: 12330955
The question has been PAQ'd and the 500 points have been refunded.
RomMod
Community Support Moderator
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question