Solved

Question re outbound email delivery by Exchange 2003 behind Astaro software firewall

Posted on 2007-03-21
3
563 Views
Last Modified: 2013-11-16
--------------------------------------------------------------------------------

Hi there. I run Exchange 2003 behind the Astaro v6.304 software firewall. I outward deliver mail directly (i.e. do not use the smtp proxy) via two SMTP connectors in exchange.

One delivers mail via a smart host (ww.authsmtp.com) to avoid our outgoing mail being regarded as 'suspicious' by receiving servers. The other connector we use to deliver mail directly via DNS, as this one handles 'forwarded' mail; i.e. we send a copy of incoming mail to Blackberries, google mail etc. and obviously our smart host could not accept these emails as they are from thousands of different people (so we have to send them direct).

I tried the smtp proxy the other day. Using transparent mode. Not using the smart host.
1. incoming email is fine
2. outgoing email that goes via the DNS (direct) connector is fine
3. But outgoing email that was supposed to go via the smart host connector authsmtp.com can not be delivered by Exchange 2003 and remains in the queue.

What's the problem and what's the solution here? Do I have to tell my Exchange connector to deliver to the firewall (and not to authsmtp.com) and then confgure Astaro's smart host function for onward relay. If so, how will email I need to send NOT via authsmtp get handled by Astaro? (i.e can what have two ways of delivering outgoing email by Astaro?).

Hope there is a solution please!

Thanks ...
0
Comment
Question by:MPSmith4258
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 104

Accepted Solution

by:
Sembee earned 500 total points
ID: 18775192
I wouldn't recommend using any kind of SMTP proxy unless you configured Exchange to send all email via the proxy and then had the proxy server manage where the messages are flowing. In my experience the proxy servers in firewalls are not very good and cause significant problems with email delivery. In many cases I don't see the point in them.

Simon.
0
 

Author Comment

by:MPSmith4258
ID: 18798786
Thanks Simon. Appreciate your advice and won't use Astaro's proxy.
Can you recommend any software or techniques to easily view login (successful or failed) attemps on my open ports 25 and 443 that go to the IIS on my SBS2003? Astaro's IPS should alert me to exploit attacks, but I wondered how I could easily see if people are trying to login to https://secure.mydomain/exchange for example, etc. I deliberately remotely put in a lot of false user names and passwords on the OWA login screen, but at no point did it lock me out which is what I would have expected!!
Cheers!
0
 
LVL 104

Expert Comment

by:Sembee
ID: 18800351
You were expecting IIS to lock you out after entering false usernames? It will not do that. The only thing it is capable of locking out is user accounts, when a valid user account is used.

IIS Logging will log attempts to login to the server. You will then something that can analyse those logs. It all depends on what you are doing, what you are looking for and what you intend to do with the results when you get them.

Simon.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
EXCH2013 DB 3 14
Exchange OWA website Redirection 7 46
Moving on from sbs 2008... 36 85
query all mailbox rules 5 32
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question