Setup SMTP via TLS on SBS 2003 for single outside domain

rjccaz
I am trying to set up secure email from my server to a single external domain. I have done much reading on this, but cannot successfully configure it. Here are the steps:
1. Purchase a valid cert from a CA (GoDaddy)
2. Create VS and connector, configured for TLS and Address Space of TLSdomain.com
3. Apply cert to VS
4. Set Default Connector to cost 2 and new TLS connector to cost 1

I get the following error:
A configuration error in the e-mail system caused the message to bounce between two servers or to be forwarded between two recipients. Contact your administrator.
  <mydomain.com #5.3.5>

I am not sure I have configured the VS and Connector properly, so if you want me to check anything, let me know...

Thanks in advance...
Hello,

Did you setup a second IP on your Exchange server for the new SMTP VS? Here are the instructions to set this up properly - http://msexchangeteam.com/archive/2006/10/04/429090.aspx

JJ

Author

Commented:
I have been fussing with this for a while and one of the configurations I tried was using a second IP address. From my reading, I understand SBS does not like multiple IPs so was reluctant to try this method. Besides, it did not seem to work and I don't remember what the error was.

I just found this resource: http://msexchangeteam.com/archive/2006/10/04/429090.aspx
and will be trying yet another walkthrough.

Author

Commented:
Running MS NetMon while sending results in no network traffic to the remote domain.  If I remove the domain from the Address Space, then I am able to see network traffic to the remote domain.  I also see the message stuck in the Queue.  This leads me to believe that it is an internal problem and not anything to do with the network.

Any Ideas?

If you have multiple Virtual SMTP servers, you need a separate IP address for each one. Each Virtual SMTP server binds to an IP. If you only have one IP, the first VS to start will bind to that and the other one won't be able to bind to an IP.

JJ

Author

Commented:
jjmck,

Is this the case even if I use an alternate port for TLS? I was planning on using the default port of 587 for inbound TLS traffic...

You can use one IP if you use a different port for each VS, however, sending servers are going to use port 25 by default unless they are specifically configured with a VS to use port 587.

JJ
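
Added example, not part of the original thread: a small Python check an administrator can run against their own server to see which listener (port 25 or 587, the two ports discussed above) actually advertises STARTTLS and completes a verified TLS handshake. The EHLO name `probe.example` and the `SAMPLE_EHLO` reply are constructed for illustration.

```python
import socket
import ssl
import sys

# Constructed sample of a raw EHLO reply (not captured from a real server).
SAMPLE_EHLO = "250-mail.example.test Hello\n250-SIZE 10485760\n250-STARTTLS\n250 OK"

def ehlo_extensions(reply):
    """Return the ESMTP keywords advertised in a raw EHLO reply."""
    exts = set()
    for line in reply.splitlines()[1:]:            # first line is the greeting
        if len(line) >= 4 and line[:3] == "250" and line[3] in "- ":
            words = line[4:].split()
            if words:
                exts.add(words[0].upper())
    return exts

def read_reply(f):
    """Read one (possibly multi-line) SMTP reply from a binary file object."""
    lines = []
    while True:
        line = f.readline().decode("ascii", "replace").rstrip("\r\n")
        lines.append(line)
        if len(line) < 4 or line[3] != "-":        # "NNN " (or EOF) ends the reply
            return "\n".join(lines)

def probe(host, port, timeout=10.0):
    """Connect to one listener and report STARTTLS support and TLS version."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        f = s.makefile("rb")
        read_reply(f)                              # 220 banner
        s.sendall(b"EHLO probe.example\r\n")       # assumed EHLO name
        exts = ehlo_extensions(read_reply(f))
        result = {"port": port, "starttls": "STARTTLS" in exts, "tls": None}
        if result["starttls"]:
            s.sendall(b"STARTTLS\r\n")
            if read_reply(f).startswith("220"):
                ctx = ssl.create_default_context() # verifies chain and host name
                with ctx.wrap_socket(s, server_hostname=host) as t:
                    result["tls"] = t.version()
        return result

if __name__ == "__main__":
    for port in (25, 587):
        try:
            print(probe(sys.argv[1], port))
        except OSError as exc:                     # refused, timeout, bad certificate
            print({"port": port, "error": str(exc)})
```

Run it with the server's public host name as the only argument; a certificate error on one port means the certificate is not applied to, or does not match, the listener bound there.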

Author

Commented:
Thanks! I had tried to configure the SMTP VS to use port 587 (thinking that was the default) and of course, no-one could receive smtp traffic on 587.  Simple, now that I know...

Commented:
Can someone answer this, please? If I need to configure TLS for just a few remote domains while I want to continue to operate with non-TLS outside server, should I create a new SMTP virtual server and set the TLS require option on it and leave the default SMTP VS as it is?
