Solved

Exchange Internet Emails through Proxy

Posted on 2009-07-15
Last Modified: 2013-11-30
I am running Exchange 2003. I decided to set up a bridgehead server to route internet emails to the respective internet accounts using a smart host (mail server) hosted by myself. The bridgehead has two NICs, one for the domain and another I had installed for testing purposes to be hooked directly to the internet. As it stands, the bridgehead is working perfectly and delivering internet emails through the smart host. However, I do not want it to have a direct connection to the internet because then my active directory would be vulnerable. I tried using the second NIC, previously used for a direct link to the internet, to connect to a proxy. Whilst using the proxy I cannot manage to send out any mails; they stay queued in the bridgehead server. I've even installed the firewall client for the proxy, and I made a rule to allow all SMTP traffic, still nothing. Is there anything I am doing wrong? Any help would be appreciated.
Question by:TechGSC
6 Comments
 
LVL 11

Expert Comment

by:tmeunier
ID: 24864042
There are a couple considerations here.  One is that Windows Server isn't so spiffy at handling multiple gateways, so make sure you take care of that and that network configuration is fine for other communications on both NICs.  Then, you can accomplish what you're trying to do with the built-in Internet Mail Wizard, which has facility to set up two SMTP virtual servers, one for inbound and one tied to an SMTP connector for outbound Internet mail.  Here's a good article that discusses.
http://www.msexchange.org/tutorials/Using_Exchange_2003_Mail_Wizard.html
0
 

Author Comment

by:TechGSC
ID: 24864351
I've done all that, I have my SMTP connector set up and everything. It has been working fine, but now I want it to work through a proxy server running ISA 2006 rather than have it connected directly to the internet... for security reasons.
0
 
LVL 11

Accepted Solution

by:
tmeunier earned 2000 total points
ID: 24864389
Ah, gotcha. In that case, you're perfect as far as Exchange is concerned, and it becomes completely an ISA Server question.
http://technet.microsoft.com/en-us/library/bb794845.aspx
The part that says "Sending Internet E-Mail Messages" is really the part that concerns you, assuming that DNS is also working perfectly.
0
 

Author Comment

by:TechGSC
ID: 24873888
Thanks for the quick responses. I've done what the document you said asked. Set up a computer object for the bridgehead, created the SMTP rule to allow it access, but still the same exact thing: it stays queued in the bridgehead and it doesn't leave. But the minute I unplug the proxy network cable and replug the direct line to the internet, it all sends quickly and smoothly... HELP!
0
 
LVL 11

Expert Comment

by:tmeunier
ID: 24873967
That's really curious.  Again, I'm not a firewall guy but you should be able to log onto a console session on your outbound Exchange server, and connect via telnet to port 25 of any public-facing mail exchanger.   So the next question is, let's plug it into the ISA server and ensure that it can do its task of sending email.  Get a terminal window, and do
NSLOOKUP -q=mx somedomain.com
(do you get an answer?  This will show that DNS is working.  If not, troubleshoot DNS settings here)
TELNET [that answer] 25
(do you get an answer?  if so, then your ISA SMTP rule is fine)
EHLO or HELO foo.bar
(still answer?  Then SMTP verbs are successfully being handled)
I can see that if your Exchange server is set to use an external DNS server and you don't have a rule allowing port 53 DNS traffic, then it would fail & queue.  So then you'd fix that on ISA, or point DNS resolution to an internal server.  For example.  In that case I would actually telnet to port 25 of the IP address of a known-good mail host, to get DNS resolution out of the picture as a problem.

I guess there could be other things too.  But it's pretty clearly being blocked by ISA.
0
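The three checks from the comment above (name resolution, a TCP connection to port 25, an SMTP greeting), scripted so that the first failing stage is reported. This is an added example, not part of the original thread; the function names and stage labels are assumptions, and the MX lookup itself is still done with NSLOOKUP because the script takes a host name or an IP address.

```python
import socket

def read_reply(f):
    """Return the code of one SMTP reply, skipping 'NNN-' continuation lines."""
    while True:
        line = f.readline()
        if len(line) < 4 or not line[:3].isdigit():
            return None  # EOF or not an SMTP reply
        if line[3:4] != b"-":
            return int(line[:3])

def probe_smtp(host, port=25, helo_name="foo.bar", timeout=10):
    """Return (stage, detail); stage is 'dns', 'tcp', 'banner', 'smtp' or 'ok'."""
    # Stage 1: name resolution. An IP literal skips DNS, which takes
    # resolution out of the picture as the thread suggests.
    try:
        addr = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)[0][4][0]
    except socket.gaierror as exc:
        return ("dns", str(exc))
    # Stage 2: TCP connection to the mail exchanger (the TELNET step).
    try:
        sock = socket.create_connection((addr, port), timeout=timeout)
    except OSError as exc:
        return ("tcp", str(exc))
    # Stage 3: greeting banner, then EHLO with a fallback to HELO.
    try:
        with sock, sock.makefile("rwb") as f:
            code = read_reply(f)
            if code != 220:
                return ("banner", f"connected, but greeting was {code}")
            for verb in (b"EHLO", b"HELO"):
                f.write(verb + b" " + helo_name.encode("ascii") + b"\r\n")
                f.flush()
                code = read_reply(f)
                if code == 250:
                    f.write(b"QUIT\r\n")
                    f.flush()
                    return ("ok", f"{verb.decode()} accepted by {addr}")
            return ("smtp", f"EHLO and HELO refused, last reply {code}")
    except OSError as exc:  # timeout or reset in the middle of the dialogue
        return ("smtp", str(exc))

if __name__ == "__main__":
    # 192.0.2.25 is a documentation address (constructed); substitute the
    # mail exchanger returned by the MX lookup.
    print(probe_smtp("192.0.2.25", timeout=5))
```

A 'dns' result points at resolver settings or a missing port 53 rule, 'tcp' at the ISA SMTP access rule, and 'banner' or 'smtp' at something on the path answering the connection without relaying the SMTP dialogue.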
 

Author Comment

by:TechGSC
ID: 24895721
Thanks, that helped me a lot. It's been a pleasure!
0

Question has a verified solution.
