Front End Server and Inbound/Outbound SMTP Relay

I have a front end Exchange server running Exchange 2000 and two back-end Exchange 2000 Servers.  I have configured the SMTP Virtual Server on my front end server with a smart host - the IP Address of one of the back-end Exchange servers (for Inbound mail). I would like to forward all outbound mail from my back end servers to the front end server.  Do I require another NIC card so that I can create a second SMTP Virtual Server with a different IP address so that I can relay mail outbound?  or is there a way to configure the front end mail relay to send both inbound and outbound mail with one NIC and IP address?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

If the servers are all part of the same routing group you do not need to setup smart hosts at all.  First, remove that setting.  Then, create an SMTP connector and set the local bridgehead to be the front end server.  If you inbound mail comes to the front end, it will automatically be delivered to the back end.  And which server you set as the local bridgehead on the SMTP connector will be the one that all of the outbound mail is sent through.
wmorlettAuthor Commented:
This worked great.  Is there anything else you recommend doing to secure the relay so that it cannot be used by others to relay mail?  I only want to receive mail inbound for one domain (mine) and want my two exchange servers (back-end servers) to be able to relay to this front end server.
3 things you can do to secure relay:

1.  On the properties of the SMTP virtual server/2nd tab/relay - verify that only the list below is selected (and its empty) and the box is checked to allow authenticated users to relay
2.  On the properties of the SMTP connector, address space tab.  Make sure the box that says "allow relay to these domains" is unchecked for the * entry
3.  Make sure your admin users have strong passwords.  It's not uncommon for a spammer to try and crack the admin password so they can relay

If you do these things you will go a long ways toward preventing relay, and these steps will not affect mail flow from the back end servers to the internet or vice versa.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

wmorlettAuthor Commented:
Thank you.  This was quit different from 5.5 and I was a little thrown as how to accomplish this.  You've been of great assistance.  Kudos!!

wmorlettAuthor Commented:
I do not support IMAP4 or POP3 on either of my back end servers so I've turned the services off on both my back end and front end server(s).  Since I don't support IMAP4 or POP3 can I disable the Information Store on my front end server?  
No, the Information Store is required if mail is sent through that server (it does message conversion).  Also make sure you keep the mailbox store mounted as well.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.