Solved

Exchange 2007, postini and mobile devices getting mail

Posted on 2009-07-14
2
326 Views
Last Modified: 2012-05-07
OK, I'm not quite sure where to post this since it covers a few topics, but at the core, its a mail question, so here goes!
THE CORE QUESTION:
How do I restrict port 25 to only receiving mail from our spam filtering service (postini) without making the iphones unable to get mail?

THE DETAILS:
We've have exchange 2007. we've recently setup postini (for those not familiar: a spam filltering service. we change out MX records to hit their site, filter the spam, then the mail gets sent to out to our IP from them. We also send out mail out through them from our exchange box)
Part of the setup requires us to only accept port 25 connections from so that we can setup a "secure relay" on our server for when the have to reinject a message.

We have users that have iphones that connect to our IP or mail.domain.com to grab mail. only allowing port 25 connections from postini makes the phones unable to connect. Does anyone know a way around this? can exchange receive on port 25 and another port at the same time? maybe there is a firewall rule i'm not thinking of?

I had to open the rule for a while, and got hit hard with spam, probobly someone trying to relay off our server. queues were filled up big time.

I know this is a lot, please ask for any clarification needed. thanks in advance.
0
Comment
Question by:-JT
2 Comments
 
LVL 11

Accepted Solution

by:
tmeunier earned 500 total points
ID: 24856342
Yes.  Use Exchange Activesync for the iPhones, and then they'll use port 443 if you use SSL, or port 80 if you don't.  There's no reason now for iPhones to use POP3 or IMAP4.  Then you can restrict port 25 to Postini and you're all set.  The iPhones will connect using the same port 80/443 that you've opened for Outlook Web Access, Outlook over RPC/HTTP(s), and Entourage.

-tom
0
 

Author Comment

by:-JT
ID: 24860797
OK, thanks for the reply. I actually looked at the firewall logs and the IP's from the iphones do indeed appear to be using port 80. Thanks!
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
how to add IIS SMTP to handle application/Scanner relays into office 365.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now