Solved

SMTP / Email server understanding

Posted on 2009-06-30
12
268 Views
Last Modified: 2013-11-30
Hello Experts,

I am trying to understand how the emails are been configured on our domain. This has previously done by one of the administrator who no longer work with us.

On all the clients machine, emails are configured on Microsoft Outlook by connecting to the POP server to send and receive emails. All I believe it does is download the emails from the POP3 server.

We have a dedicated server so no technical help I can get from my ISP on this.

On the server, I have got the "domain"  and server name  added under the default SMTP virtual server .

Then I have a POP3 service, where I can also see the same domain and when I click Server Name, the domain name comes up and upon clicking it, I get all the mailboxes listed in the right panel.

I now have been asked to change MX records and lock down the firewall for spam filtering.

Please can someone advise whether the setup I have described above is what is knows an on SMTP server?

How would I know if there is any firewall I can lock down?

Please advise

Thanks
S

0
Comment
Question by:newbie27
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
12 Comments
 
LVL 8

Assisted Solution

by:stefanx
stefanx earned 100 total points
ID: 24744079
Sounds like you have Exchange with a POP3 Connector that pulls mail from your ISP and then redistributes on Exchange. IF that is the case, then your ISP's mailserver is currently your MX record. When you change it to your server, you will have to make sure that the SMTP service is also running and that your Exchange will accept mail for the domain.

Personally, if your ISP does decent Anti-Virus and Anti-Spam, I would leave it like this because proper Anti-Spam and Anti-Virus is not a trivial matter and doing it on your own is a headache. I just guess that you wouldn't have been asked to do this if your ISP's Anti-Spam was any good ;)
0
 
LVL 7

Expert Comment

by:aamodt
ID: 24744081
do your company have an anti-spam firewall or an anti-spam software/hardware solution.

Firewalls can block incomming traffic from known spamming addressess / domains.
http://www.unixhub.com/block.html

here are one example of IP-range you want to block into your mail server.
sure if you know customers ect who lives in that part or have that IP-address range. you need to allow them.

search abit around on google after : banned IP's or something
0
 
LVL 8

Author Comment

by:newbie27
ID: 24744179
hello,

thanks for your input.

i thought we dont have exchange server setup on our dedicated 2003 web server.

this is something which i really need to understand, i have been advised to use messagelabs anti spam service ... and they asked me to change mx record and setup certain range of allowed ips to list ...

however, on the server i dont know whether any firewall is been set..

please can someone advise how can i find the firewall?

0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 7

Expert Comment

by:aamodt
ID: 24744226
if you are useing server firewall .. it might be from :

checkpoint
comodo
norman

or something like that. Protection. but i guess you have a premimiter firewall at the start point of your network, and there you can block  spamming ip-addresses.

messagelabs anti spam service is software, so then you need to install it on the email server.

This is proberlly the best solution if you are not sure how the firewall is configured or where it is. your last administrator should have documented it like which systems and firewall solutions and so on the network contains.

but yeah install a anti spam service on the server and just update it with lastest patch and i think you are good to go. well spam will get into your network but you will stop it at the Server.

The best solution is to just drop it at your incomming network.

Hope this help you abit on your way :)

Regards Aamodt
0
 
LVL 8

Author Comment

by:newbie27
ID: 24744448
thanks again,

i cant find any of the above firewalls on the server ...

perhaps there are no firewall installed for the email server ... i have noticed that when I right click on the default SMTP virtual server under IIS, go to acces tab and when i click on  RELAY button I get few list of IP addresses which are in the allowed list ... perhaps this is the only way acting as a firewall?

does this makes sense?

Does the SMTP virtual server on IIS is actually a real SMTP server?

I need to tell the MessageLabs client whether we use SMTP server or not?

please advise
thanks
0
 
LVL 7

Accepted Solution

by:
aamodt earned 400 total points
ID: 24744547
Hey,

Yeah the allowlist in the IIS/SMTP server are abit like a simple firewall.  but i think your server does not have a software firewall then. your network router might have firewall configuration in it .. like Cisco : access-list or something like that.

best solution again is to try stopping spam  before it enter the network, but it is a more expencive solution because you need a anti-spam HW solution on the entrance of your network .. else try blocking some "BAD ip-addresses" in your Router/firewall.

The   best solution for you is probably installing a software anti-spam    /  Firewall solution so you just run it with the Mail server.


Yeah most possible it is a real virtual SMTP server, you can just try that by sending from a configured workstation. since i guess the server is up and running since your first question was how to adapt anti-spam / firewall to the mail server.

Yes you need to tell the anti-spam software what kind of protocol you are using and where the "mail server" is located .. in this case its probably POP3 and SMTP on localhost.

Regards Aamodt
0
 
LVL 8

Author Comment

by:newbie27
ID: 24744609
aamodt

thanks again for your input...

do i have to buy a firewall or its a freeware? if i have to install a firewall on the server with the above setup .. which one would you like to recommend?

please advise
thanks
0
 
LVL 7

Expert Comment

by:aamodt
ID: 24744695
We are using Checkpoints client firewall solutions aswell some of theirs HW solutions here in the company and out with the customers .

Checkpoint client firewalls works pretty well, highly configurable.
 
But i think you need to buy this "endpoint" solution from a provider of checkpoint products.

You have other solutions like : symantec and trend micro... those are good and has a large marked of the Security business.  but again you need to pay a small amount for these products, but you will also gain support on them if you have any  trouble setting things up in the future.

If you want something free, search a bit around on the web and read articles of the product and read if people that have tested it in a corp environment is happy about the product.

Regards Aamodt
0
 
LVL 8

Author Comment

by:newbie27
ID: 24744790
thanks,
i have got ZoneAlarm security suite installed on our clients PC and have got few spare licences..

can i use their firewall on the server?

should i install only the firewall and not the complete software on the server?

please advise
thanks
0
 
LVL 8

Author Comment

by:newbie27
ID: 24745084
this something i have been advised

Lock down your firewall:
Please place the following restrictions on your firewall after your MX changes have fully propagated. Only port 25 (also known as SMTP) traffic must be locked down to accept the IP addresses in the following link: Subnet IP
If you do not have a firewall, please make these changes to the mail server itself.


please can you advise me on this?

thanks
0
 
LVL 7

Expert Comment

by:aamodt
ID: 24746285
Yeah sure, install the firewall client on the server try to strip down most of it so only firewall Are installed / running. Then take an block all ports exept 25 and 110 (if you Are running pop as well) and add the different ip addresses to an accept list in the firewall software.

Regards Aamodt

PS :sending from mobile atm so dident want to type so much :) but i Think you can handle the rest
0
 
LVL 8

Author Comment

by:newbie27
ID: 24747050
ok let me try thanks
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question