Solved

Front End Server and Inbound/Outbound SMTP Relay

Posted on 2004-10-22
1,313 Views
Last Modified: 2012-05-05
I have a front end Exchange server running Exchange 2000 and two back-end Exchange 2000 Servers.  I have configured the SMTP Virtual Server on my front end server with a smart host - the IP Address of one of the back-end Exchange servers (for Inbound mail). I would like to forward all outbound mail from my back end servers to the front end server.  Do I require another NIC card so that I can create a second SMTP Virtual Server with a different IP address so that I can relay mail outbound?  or is there a way to configure the front end mail relay to send both inbound and outbound mail with one NIC and IP address?
0
Question by:wmorlett
    6 Comments
     
    LVL 21

    Expert Comment

    by:marc_nivens
    If the servers are all part of the same routing group you do not need to setup smart hosts at all.  First, remove that setting.  Then, create an SMTP connector and set the local bridgehead to be the front end server.  If you inbound mail comes to the front end, it will automatically be delivered to the back end.  And which server you set as the local bridgehead on the SMTP connector will be the one that all of the outbound mail is sent through.
    0
     

    Author Comment

    by:wmorlett
    This worked great.  Is there anything else you recommend doing to secure the relay so that it cannot be used by others to relay mail?  I only want to receive mail inbound for one domain (mine) and want my two exchange servers (back-end servers) to be able to relay to this front end server.
    0
     
    LVL 21

    Accepted Solution

    by:
    3 things you can do to secure relay:

    1.  On the properties of the SMTP virtual server/2nd tab/relay - verify that only the list below is selected (and its empty) and the box is checked to allow authenticated users to relay
    2.  On the properties of the SMTP connector, address space tab.  Make sure the box that says "allow relay to these domains" is unchecked for the * entry
    3.  Make sure your admin users have strong passwords.  It's not uncommon for a spammer to try and crack the admin password so they can relay

    If you do these things you will go a long ways toward preventing relay, and these steps will not affect mail flow from the back end servers to the internet or vice versa.
    0
     

    Author Comment

    by:wmorlett
    Thank you.  This was quit different from 5.5 and I was a little thrown as how to accomplish this.  You've been of great assistance.  Kudos!!

    Will
    0
     

    Author Comment

    by:wmorlett
    I do not support IMAP4 or POP3 on either of my back end servers so I've turned the services off on both my back end and front end server(s).  Since I don't support IMAP4 or POP3 can I disable the Information Store on my front end server?  
    0
     
    LVL 21

    Expert Comment

    by:marc_nivens
    No, the Information Store is required if mail is sent through that server (it does message conversion).  Also make sure you keep the mailbox store mounted as well.
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Want to promote your upcoming event?

    Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

    "Migrate" an SMTP relay receive connector to a new server using info from an old server.
    Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    This video discusses moving either the default database or any database to a new volume.

    911 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    12 Experts available now in Live!

    Get 1:1 Help Now