Solved

Question re outbound email delivery by Exchange 2003 behind Astaro software firewall

Posted on 2007-03-21
3
559 Views
Last Modified: 2013-11-16
--------------------------------------------------------------------------------

Hi there. I run Exchange 2003 behind the Astaro v6.304 software firewall. I outward deliver mail directly (i.e. do not use the smtp proxy) via two SMTP connectors in exchange.

One delivers mail via a smart host (ww.authsmtp.com) to avoid our outgoing mail being regarded as 'suspicious' by receiving servers. The other connector we use to deliver mail directly via DNS, as this one handles 'forwarded' mail; i.e. we send a copy of incoming mail to Blackberries, google mail etc. and obviously our smart host could not accept these emails as they are from thousands of different people (so we have to send them direct).

I tried the smtp proxy the other day. Using transparent mode. Not using the smart host.
1. incoming email is fine
2. outgoing email that goes via the DNS (direct) connector is fine
3. But outgoing email that was supposed to go via the smart host connector authsmtp.com can not be delivered by Exchange 2003 and remains in the queue.

What's the problem and what's the solution here? Do I have to tell my Exchange connector to deliver to the firewall (and not to authsmtp.com) and then confgure Astaro's smart host function for onward relay. If so, how will email I need to send NOT via authsmtp get handled by Astaro? (i.e can what have two ways of delivering outgoing email by Astaro?).

Hope there is a solution please!

Thanks ...
0
Comment
Question by:MPSmith4258
  • 2
3 Comments
 
LVL 104

Accepted Solution

by:
Sembee earned 500 total points
ID: 18775192
I wouldn't recommend using any kind of SMTP proxy unless you configured Exchange to send all email via the proxy and then had the proxy server manage where the messages are flowing. In my experience the proxy servers in firewalls are not very good and cause significant problems with email delivery. In many cases I don't see the point in them.

Simon.
0
 

Author Comment

by:MPSmith4258
ID: 18798786
Thanks Simon. Appreciate your advice and won't use Astaro's proxy.
Can you recommend any software or techniques to easily view login (successful or failed) attemps on my open ports 25 and 443 that go to the IIS on my SBS2003? Astaro's IPS should alert me to exploit attacks, but I wondered how I could easily see if people are trying to login to https://secure.mydomain/exchange for example, etc. I deliberately remotely put in a lot of false user names and passwords on the OWA login screen, but at no point did it lock me out which is what I would have expected!!
Cheers!
0
 
LVL 104

Expert Comment

by:Sembee
ID: 18800351
You were expecting IIS to lock you out after entering false usernames? It will not do that. The only thing it is capable of locking out is user accounts, when a valid user account is used.

IIS Logging will log attempts to login to the server. You will then something that can analyse those logs. It all depends on what you are doing, what you are looking for and what you intend to do with the results when you get them.

Simon.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Find out what you should include to make the best professional email signature for your organization.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question