Solved

How do I configure use of a proxy with IIS SMTP?

Posted on 2009-05-03
4
1,115 Views
Last Modified: 2012-05-06
I need to relay notification mail from a few Windows 2003 servers (IIS 6) that do not have an internet facing NIC. I am able to send HTTP/FTP/SSL/Gopher through a proxy on a server with a WAN facing NIC by configuring in IE7 (tools, internet options, connections, lan settings). However, I don't see anywhere in IIS SMTP to configure this. Is there a reistry key where I can specify this? Is there a different SMTP Server I can install with more configuration options that allow use of a proxy?
0
Comment
Question by:socaltenor
  • 2
  • 2
4 Comments
 
LVL 19

Expert Comment

by:feptias
ID: 24290273
An SMTP server - such as the one that is part of IIS 6 - is able to store messages addressed to any of its home domains OR relay (i.e. forward) messages to another SMTP server. If it cannot do either of these then it will generally reject the message with an NDR.

I assume that when you talk about proxying, what you really mean is relaying. i.e. you want it to pass the message on to another SMTP server. The default behaviour would be for it to identify the destination IP address by looking up the MX records for the destination domain using DNS. However, this would normally only work if the server has access to the Internet - unless all destinations are on your LAN! You can also force it to pass all "non-home-domain" messages to one specific SMTP server using the "Smarthost" setting. IIS also allows another option based on matching the destination mail domain with a pre-defined domain in its list of so-called "Remote" SMTP domains. The option to add a remote domain is offered when you create a new SMTP domain in IIS. A remote domain can be configured to deliver to a specific Smarthost (by IP address or a resolvable host name) or can use DNS MX records to find the proper destination. The latter again requires access to the Internet. Relaying to domains that are not in the list of remote domains is controlled by authorisation/relaying permissions on the IIS server - the default is to not relay anything because "open relaying" is a security risk.

At the risk of stating the obvious, any email that needs to reach external addresses must pass through an SMTP server that does have access to the Internet. IIS SMTP server can be used for this purpose, or as an intermediate "hop" in a chain of relaying SMTP servers.
0
 

Author Comment

by:socaltenor
ID: 24291366
Thanks for the response Feptias. I have used the smarthost setting before. Really...all I am asking is how do I specify use of a proxy server (which is already used for all http/https requests) in IIS SMTP? The servers can have access to the internet if I can figure out a way to direct port 25 through the proxy, which has an internet facing NIC configured along with a private NIC on the same VLAN as the mail relay servers.
0
 
LVL 19

Accepted Solution

by:
feptias earned 500 total points
ID: 24293611
I believe you are slightly misunderstanding what a Proxy server is (either that or my knowledge on this subject is wrong). To the best of my knowledge, servers with two ethernet ports - one Internet facing and the other LAN facing - are not automatically able to function as a proxy server. First, you must install and run a special application or service that does the proxying - here are some examples:
http://www.wingate.com/
http://proxy.org/cgi_proxies.shtml

The protocols that are supported by your proxy server will depend on the software that is installed for this job. Usually, a proxy server is a "web" proxy server so it just supports the standard Web, FTP, SSL, etc services. It does not normally support relaying of emails because this is generally handled by an SMTP server. It is possible that some Proxy servers are SMTP email enabled, but you would need to check which one you have to know this.

Therefore, your choices would be as follows:
1. If your existing proxy server does already support proxying of emails, then you could set it as the Smarthost for your IIS SMTP server
2. If your proxy server does not support email, then you could install a simple SMTP server (e.g. IIS) alongside the web proxy server application on the same hardware that currently does your web proxying. Then configure the new SMTP server to allow relaying in a safe manner and then point your original IIS SMTP server to it as a Smarthost.
0
 

Author Closing Comment

by:socaltenor
ID: 31577307
That was exactly what I found. I did understand the generalities of the proxy setup. It is WinGate that I use...and it is capable of proxying e-mail. Hopefully I have set it up correctly that the messages are not stored/processed on the proxy...and it just transparently allows them through, but e-mail is flowing. Thanks for your time!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now