SMTP / Email server understanding

Hello Experts,

I am trying to understand how the emails are been configured on our domain. This has previously done by one of the administrator who no longer work with us.

On all the clients machine, emails are configured on Microsoft Outlook by connecting to the POP server to send and receive emails. All I believe it does is download the emails from the POP3 server.

We have a dedicated server so no technical help I can get from my ISP on this.

On the server, I have got the "domain"  and server name  added under the default SMTP virtual server .

Then I have a POP3 service, where I can also see the same domain and when I click Server Name, the domain name comes up and upon clicking it, I get all the mailboxes listed in the right panel.

I now have been asked to change MX records and lock down the firewall for spam filtering.

Please can someone advise whether the setup I have described above is what is knows an on SMTP server?

How would I know if there is any firewall I can lock down?

Please advise

Thanks
S

LVL 8
newbie27Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

stefanxCommented:
Sounds like you have Exchange with a POP3 Connector that pulls mail from your ISP and then redistributes on Exchange. IF that is the case, then your ISP's mailserver is currently your MX record. When you change it to your server, you will have to make sure that the SMTP service is also running and that your Exchange will accept mail for the domain.

Personally, if your ISP does decent Anti-Virus and Anti-Spam, I would leave it like this because proper Anti-Spam and Anti-Virus is not a trivial matter and doing it on your own is a headache. I just guess that you wouldn't have been asked to do this if your ISP's Anti-Spam was any good ;)
0
aamodtCommented:
do your company have an anti-spam firewall or an anti-spam software/hardware solution.

Firewalls can block incomming traffic from known spamming addressess / domains.
http://www.unixhub.com/block.html

here are one example of IP-range you want to block into your mail server.
sure if you know customers ect who lives in that part or have that IP-address range. you need to allow them.

search abit around on google after : banned IP's or something
0
newbie27Author Commented:
hello,

thanks for your input.

i thought we dont have exchange server setup on our dedicated 2003 web server.

this is something which i really need to understand, i have been advised to use messagelabs anti spam service ... and they asked me to change mx record and setup certain range of allowed ips to list ...

however, on the server i dont know whether any firewall is been set..

please can someone advise how can i find the firewall?

0
Newly released Acronis True Image 2019

In announcing the release of the 15th Anniversary Edition of Acronis True Image 2019, the company revealed that its artificial intelligence-based anti-ransomware technology – stopped more than 200,000 ransomware attacks on 150,000 customers last year.

aamodtCommented:
if you are useing server firewall .. it might be from :

checkpoint
comodo
norman

or something like that. Protection. but i guess you have a premimiter firewall at the start point of your network, and there you can block  spamming ip-addresses.

messagelabs anti spam service is software, so then you need to install it on the email server.

This is proberlly the best solution if you are not sure how the firewall is configured or where it is. your last administrator should have documented it like which systems and firewall solutions and so on the network contains.

but yeah install a anti spam service on the server and just update it with lastest patch and i think you are good to go. well spam will get into your network but you will stop it at the Server.

The best solution is to just drop it at your incomming network.

Hope this help you abit on your way :)

Regards Aamodt
0
newbie27Author Commented:
thanks again,

i cant find any of the above firewalls on the server ...

perhaps there are no firewall installed for the email server ... i have noticed that when I right click on the default SMTP virtual server under IIS, go to acces tab and when i click on  RELAY button I get few list of IP addresses which are in the allowed list ... perhaps this is the only way acting as a firewall?

does this makes sense?

Does the SMTP virtual server on IIS is actually a real SMTP server?

I need to tell the MessageLabs client whether we use SMTP server or not?

please advise
thanks
0
aamodtCommented:
Hey,

Yeah the allowlist in the IIS/SMTP server are abit like a simple firewall.  but i think your server does not have a software firewall then. your network router might have firewall configuration in it .. like Cisco : access-list or something like that.

best solution again is to try stopping spam  before it enter the network, but it is a more expencive solution because you need a anti-spam HW solution on the entrance of your network .. else try blocking some "BAD ip-addresses" in your Router/firewall.

The   best solution for you is probably installing a software anti-spam    /  Firewall solution so you just run it with the Mail server.


Yeah most possible it is a real virtual SMTP server, you can just try that by sending from a configured workstation. since i guess the server is up and running since your first question was how to adapt anti-spam / firewall to the mail server.

Yes you need to tell the anti-spam software what kind of protocol you are using and where the "mail server" is located .. in this case its probably POP3 and SMTP on localhost.

Regards Aamodt
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
newbie27Author Commented:
aamodt

thanks again for your input...

do i have to buy a firewall or its a freeware? if i have to install a firewall on the server with the above setup .. which one would you like to recommend?

please advise
thanks
0
aamodtCommented:
We are using Checkpoints client firewall solutions aswell some of theirs HW solutions here in the company and out with the customers .

Checkpoint client firewalls works pretty well, highly configurable.
 
But i think you need to buy this "endpoint" solution from a provider of checkpoint products.

You have other solutions like : symantec and trend micro... those are good and has a large marked of the Security business.  but again you need to pay a small amount for these products, but you will also gain support on them if you have any  trouble setting things up in the future.

If you want something free, search a bit around on the web and read articles of the product and read if people that have tested it in a corp environment is happy about the product.

Regards Aamodt
0
newbie27Author Commented:
thanks,
i have got ZoneAlarm security suite installed on our clients PC and have got few spare licences..

can i use their firewall on the server?

should i install only the firewall and not the complete software on the server?

please advise
thanks
0
newbie27Author Commented:
this something i have been advised

Lock down your firewall:
Please place the following restrictions on your firewall after your MX changes have fully propagated. Only port 25 (also known as SMTP) traffic must be locked down to accept the IP addresses in the following link: Subnet IP
If you do not have a firewall, please make these changes to the mail server itself.


please can you advise me on this?

thanks
0
aamodtCommented:
Yeah sure, install the firewall client on the server try to strip down most of it so only firewall Are installed / running. Then take an block all ports exept 25 and 110 (if you Are running pop as well) and add the different ip addresses to an accept list in the firewall software.

Regards Aamodt

PS :sending from mobile atm so dident want to type so much :) but i Think you can handle the rest
0
newbie27Author Commented:
ok let me try thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.