DNS vs Smart Host for Exchange

If our new ISP is not able to provide an SMTP smart host for Exchange, are there any real downsides to switching to using DNS and delivering mail directly? Any major advantages?

Also, what do I need to do to switch from smart host to DNS? We're running Exchange 2003 on SBS 2003 (not R2).
zelron22 Commented:
In the Exchange administrator, under the server, in protocols, get the properties of the default smtp virtual server.  In the Delivery tab, click on Advanced and clear the smarthost.  As long as your DNS server is set up with a forwarder or the root hints, that should do it (you might need to restart the SMTP virtual server).

The big advantage to having an offsite smarthost is if they are also doing AV scanning or filtering so that in the event your server gets compromised, you are less likely to get blacklisted.

The major advantage of using Smart Host will be security.  Your Exchange server will not be directly exposed to the public domain.  You can leave the Exchange server inside your LAN and expose only the Smart Host port 25 (SMTP) to the outside world.  In this case, if anyone tries to hack your server or perform a DoS attack on your Smart Host, it will not take down your Exchange server.
I_play_with_DNA (Author) Commented:

Why would I have to open anything other than port 25 on the Exchange server if I'm using DNS instead of a smart host?  Can't the Exchange server still stay on the LAN with only port 25 open to that box?

Mestha Commented:
Using a smart host for outbound email does nothing for your security. I think the poster above is referring to an inbound server, which I would refer to as an SMTP gateway, not a smart host.

The only reason to use a smart host for outbound email is to ensure that your email gets delivered. If you cannot get a reverse DNS record set, you are not on a static IP address or your ISP has got blacklisted, using a smart host can often be the only way to get email delivered.
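
The delivery conditions named in the answer above (a reverse DNS record and blacklisting) can be checked for the server's public IP before the smart host is cleared. This is an added example, not part of the original thread: the function names are hypothetical, and the 203.0.113.x addresses, host names and the DNSBL zone `dnsbl.example.org` are constructed placeholders.

```python
import ipaddress
import socket

def ptr_lookup(ip):
    """Live PTR lookup; returns [] when no reverse record exists."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:
        return []

def a_lookup(name):
    """Live A lookup; returns [] on NXDOMAIN or any resolver failure."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def dnsbl_query_name(ip, zone):
    """203.0.113.10 + zone -> 10.113.0.203.<zone> (IPv4 only)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def check_direct_delivery(ip, zones, ptr=ptr_lookup, a=a_lookup):
    """Return the problems that commonly get direct-to-MX mail rejected."""
    problems = []
    names = ptr(ip)
    if not names:
        problems.append("no PTR record for " + ip)
    elif not any(ip in a(n) for n in names):
        # Forward-confirmed reverse DNS: the PTR name must map back to the IP.
        problems.append("PTR %s does not resolve back to %s" % (names[0], ip))
    for zone in zones:
        # A DNSBL returns an A record (usually 127.0.0.x) only for listed IPs.
        if a(dnsbl_query_name(ip, zone)):
            problems.append("%s is listed on %s" % (ip, zone))
    return problems

# Constructed sample data so the check runs offline (placeholder zone/names).
FAKE_PTR = {"203.0.113.10": ["mail.example.com"],
            "203.0.113.20": ["host20.isp.example"]}
FAKE_A = {"mail.example.com": ["203.0.113.10"],
          "20.113.0.203.dnsbl.example.org": ["127.0.0.2"]}

def demo(ip):
    return check_direct_delivery(ip, ["dnsbl.example.org"],
                                 ptr=lambda i: FAKE_PTR.get(i, []),
                                 a=lambda n: FAKE_A.get(n, []))

if __name__ == "__main__":
    for addr in ("203.0.113.10", "203.0.113.20", "203.0.113.30"):
        print(addr, demo(addr) or "ok for direct delivery")
```

Calling `check_direct_delivery` without the `ptr` and `a` arguments uses the system resolver instead of the constructed tables.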

I_play_with_DNA (Author) Commented:

I, of course, have port 25 open to the mail server to allow inbound e-mail.  That's why the comment above confused me.

And the reasons you listed are why I would like to use the ISP's SMTP server to relay as opposed to DNS (as I mentioned in another related Q that you just posted in as well).
Gents, my apology.  You're right that I'm talking about inbound SMTP security.  My recommendation is about not allowing direct inbound SMTP to your email server.
Question has a verified solution.
