Configure SMTP Virtual Server in DMZ to relay mail through internal Exchange server

Posted on 2004-10-21
Last Modified: 2008-03-03
Here is the scenario:

We have an ASP.Net Web application on a web server (IIS, Win 2003) in a DMZ that sends an e-mail to the localhost SMTP server (same machine) where the mail is supposed to be routed to our Exchange Server (2000) internally as a relay.  Exchange should then handle all mail processing.

The application works fine and the messages are queued up in the local mailroot directory.  They are then flagged undeliverable after the retry attempts fail due to the inability to contact the mail server.

My question(s) are as follows:

1. Do we need to enable SMTP traffic both ways between webserver and exchange server?
2. What entries do I need to enter in the advanced delivery options on the virtual smtp server for 'masquerade domain', 'fully-qualified domain name' and 'smart host'?
3. How do I configure the exchange server to accept and relay the SMTP mail?

While I can't provide too many details, the webserver is in it's own workgroup in it's own subdomain separate from the exchange server which is in a windows/active directory-type environment.

Any insight and advice is greatly appreciated.
Question by:garthjh
    LVL 21

    Accepted Solution

    1.  You need to enable SMTP from webserver to Exchange.  Verify this by telnet on port 25 from webserver to Exchange.
    2.  You only need to fill in smart host here, enter the IP of the Exchange server.
    3.  Open Exchange system manager, drill down under the server/protocols/SMTP and get properties of the SMTP VS.  Go to the 2nd tab, click relay, and select only the list below and add the IP of the SMTP server.  
    LVL 2

    Author Comment

    Thanks for your quick reply.

    Working on these suggestions, but for answer #2 the dialogue box for the advanced delivery options will not allow you to click 'ok' unless you specify something in the 'fully qualified domain box'.  What needs to go here?  The domain name through which I am sending the mail ( (the sender for the e-mails is ALWAYS a valid user in the domain) or the mail server ( or something else?  The SMTP Virtual server is in it's own workgroup so it really is not associated with the domain (
    LVL 21

    Expert Comment

    In that case you can put anything you want in there.  Since other servers will not be relaying off of this server (just the application) it doesn't matter.  
    LVL 2

    Author Comment

    This issue is still unresolved, but it looks as though it is definitely our routing issue, which we'll need to fix.  Good suggestions from marc_nivens on items to check for.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone. Privacy Policy Terms of Use

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Email statistics and Mailbox database quotas You might have an interest in attaining information such as mailbox details, mailbox statistics and mailbox database details from Exchange server. At that point, knowing how to retrieve this information …
    Set up iPhone and iPad email signatures to always send in high-quality HTML with this step-by step guide.
    In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

    875 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now