Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

configure smtp front end server exchange 2003

Posted on 2009-05-06
7
Medium Priority
?
424 Views
Last Modified: 2012-08-14
we are currently running 2 exchange 2003 exchsvrA and exchsvrB backend servers and a f/e server exchfe1to handle OWA.
the exchange servers are all part of the same admin group so nothing needs to be set up for internal mail.  there is a smtp connectorconfigured to filter all mail for internet to a smarthost and exchsvrA is set as the bridgehead.

I have to create another F/e server to Only handle SMTP traffic. what would be the best way to handle this?  
I can keep the same SMTP connector just change the bridgehead to point to the new F/E server correct ?
I would configure the default smtp virtual server on the f/e not to relay, and what specifics should i set ?

finally I only want this to handle SMTP traffic so what do i need to do, to disable the server from hadling OWA or any other traffic ?  What services should i disable ?

thank you in advance.
0
Comment
Question by:mndthegap1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 6

Expert Comment

by:ilantz
ID: 24317775
hi

you got already most of the setup good.

install new FE , configure it with all the settings you'd like , like IMF filtering for spam etc..
you will keep the same connector but point it to the new FE IP.
of course you will configure it not to relay. (only the below ip list...) add any internal servers you do want to relay from it .

securing the server is another issue.. i'd advice you to read some before you disable services..
http://www.msexchange.org/tutorials/Hardening-Exchange-Server-2003-Environment-Part1.html

just dont forward any ports other then 25 to that FE. and you'll be set.

good luck !
0
 
LVL 4

Expert Comment

by:kdagli
ID: 24317796
Change the "Local BridgeHead" on the SMTP connector to your new server. That server will then send emails out to Smarthost.
Change the NAT rule on your firewall and point it to your new server. By doing this, any email coming from the Internet will be accepted by your new server.
Disable HTTP Virtual Server on  your new server. (I am assuming your new server is not in NLB).

0
 

Author Comment

by:mndthegap1
ID: 24317879
thank you both for the quick responses. No the its not an NLB its regular 2 node active/passive cluster.
okay so to prevent OWA use3 disable the HTTP virtual server.
other then that im pretty much configured already?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 6

Expert Comment

by:ilantz
ID: 24320143
yeah that's good. try the setup and let us know :)
0
 

Author Comment

by:mndthegap1
ID: 24338817
okay I've seem to run into a slight situation.  the way the client wants this done is NOT as a typical front end server. They didn't want to create multiple f/e SMTP servers and NLB between them.

Instead they chose to create a new active passive exchange server and are going to use that as a "smart host" to route mail through up to their provider(similar to message one or postini) to route out.

they aren't putting it in the DMZ  and are going to only allow inbound from the mail provider and nat to the new exchange server.. anyway this is how they want it so its being set up this way.

Now....   to harden or help protect the new exchange server under the SMTP virtual server access -> authentication is anonymous, basic, and integrated so that it can handle internet mail.. this is correct ?
under relay -> only listen below checked and i entered IP range for their mail service(company like message one) and also allow all computer which successfully authenticate to relay IS checked as well. is that correct ?
then under connection control I entered the same ip range for mail service, the IPS for the cluster, and the IPs for the other exchange server cluster nodes. is that correct ?  DO I need to enter the IPS for the other exchange servers, I was under the assumption that any exchange servers in the same routing group can speak to each other regardless ?

then under the internet connector have the new exchange server listed as the bridge head forwarding out to the the designated mail service.

and finally now that the back end exchange server wont be handling inbound/outbound SMTP traffic
under its SMTP virtual server for authentication can I uncheck the anonymous and the basic and only leave the integrated windows ?


sorry for all the extra questions but would really really appreciate the assistance on this.
0
 

Author Comment

by:mndthegap1
ID: 24338829
also since it is only doing smtp traffic ive stopped the HTTP service in cluster admin.
0
 
LVL 6

Accepted Solution

by:
ilantz earned 2000 total points
ID: 24338902
your assumptions are all correct. you should be fine with that configuration.

consider implementing spam filtering for that Front end server thus...using IMF or any 3rd party software you'd like .. if you want to read abit more on SPAM i've blogged about it recently :)

http://ilantz.wordpress.com/a-bite-of-spam/

good job !
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Know the reasons and solutions to move/import EDB to New Exchange Server. Also, find out how to recover an Exchange .edb file and to restore the file back.
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question