Solved

Can't Seem to receive email via POP3 from external email adresses ' outside my domain

Posted on 2008-06-19
7
236 Views
Last Modified: 2012-05-05
i have a exchange server 2003 that came with (MS SBS) Microsoft Small Business Server 2003 R2. I have a registered domain that i will refer to as "mydomain.com". i have a linux box as my firewall that i have opened up all the ports for testing purposes until i get the exchange email system working (the linux box's internal ip is 192.168.1.243). I seem to be able to send email  just fine BOTH "internally (within the domain)" and "externally (outside the domain)". I have my registrar  DNS for email  pointing to my external ip address at 69.x.x.x and for the name "mail.mydomain.com" The SBS server with exchange is called "SERVER001.MYDOMAIN.LAN with an internal ip adress of 192.168.1.235" gateway of 192.168.1.243 and a DNS of 192.168.1.235. (i used the ". LAN"  because thats what MS SBS recommended during setup instead of using a .COM for "security purposes", dont ask my why, i just did what they recommended, i hope this doesnt turn out to be the problem)

Now on to my problem......i seem to be able to send email just fine to both internal and external emails both inside and outside the domain. However i cant seem to receive email via POP3 from people outside the domain. Within the domain i can send email just fine.  i am trying to have the exchange server handle the email directly from the internet. the exchange clients are using outlook and are using 192.168.1.235 as the IP for both SMTP and POP3. anyone have any ideas what i am doing wrong?
0
Comment
Question by:xeonox
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 2

Accepted Solution

by:
Taurus042 earned 500 total points
ID: 21825904
You need to set up port forwarding on your firewall if you haven't done so allready.
It needs to listen on port 25 and forward those requests to port 25 on your Exchange Server.
The same needs to be done for port 110 and/or 143 if you need access to POP3 and/or IMAP from the outside. (However please consider using SSL/TLS on SMTP/POP/IMAP for your clients or set up VPN for them. Otherwise you are sending username and password in clear text over the internet.)
0
 

Author Comment

by:xeonox
ID: 21834444
thanks taurus, i think that solved my problem, i completely overlooked that. i just had my linux box forward the ports and it worked like a charm. i also pointed my registrar email record and cname record to point to SERVER001.MYDOMAIN.COM and it seemed to have worked fine. thanks hope this helps other people out. ill keep this open for 2/3 days but ill give you the points taurus, i just wanna fine tune it a little with the SSL you are taking about.

i am very concerned about the following, how do i prevent outside people (spammers) from using my smtp exchange server?
0
 
LVL 2

Expert Comment

by:Taurus042
ID: 21840331
If you haven't changed any settings regarding to relaying your server should be OK already.

I do not have an Exchange 2003 machine right now so I cannot check exactly where the setting is but you should right click your SMTP virtual server and select Properties. Look for Relay Restrictions. Make sure that it looks like this example. You may add networks or IP addresses that you trust in the list as well.
relaying.gif
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:xeonox
ID: 21856511
what concerns me is the little check box at the bottom that says "allow all computer wich authenitcate sucessfully to realay, regardless of the ist above"

From what i understand (correct me if i'm wrong), if that is checked, all they need to do i guess the username, and obviously the username is gonna be the email address. Does that sound right to you?
0
 
LVL 2

Expert Comment

by:Taurus042
ID: 21856843
The username is not the same as the email address. In addition to the username they would also need the password associated with the user to be able to relay messages to other domains.
0
 

Author Comment

by:xeonox
ID: 21888692
i think i may have gotten it working correctly, do these settings look right and secure to you?


New-Bitmap-Image--2-.JPG
New-Bitmap-Image--3-.JPG
New-Bitmap-Image--4-.JPG
New-Bitmap-Image.JPG
0
 

Author Comment

by:xeonox
ID: 21921116
is that the right config?
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question