Setup SMTP via TLS on SBS 2003 for single outside domain

I am trying to set up secure email from my server to a single external domain. I have done much reading on this, but cannot successfully configure it. Here are the steps:
1. Purchase a valid cert from a CA (GoDaddy)
2. Create VS and connector, configured for TLS and Address Space of TLSdomain.com
3. Apply cert to VS
4. Set Default Connector to cost 2 and new TLS connector to cost 1

I get the following error:
A configuration error in the e-mail system caused the message to bounce between two servers or to be forwarded between two recipients. Contact your administrator.
  <mydomain.com #5.3.5>

I am not sure I have configured the VS and Connector properly, so if you want me to check anything, let me know...

Thanks in advance...
rjccaz Asked:

Jamie McKillop (IT Manager) Commented:
Hello,

Did you set up a second IP on your Exchange server for the new SMTP VS? Here are the instructions to set this up properly - http://msexchangeteam.com/archive/2006/10/04/429090.aspx

JJ
0
rjccaz (Author) Commented:
I have been fussing with this for a while and one of the configurations I tried was using a second IP address. From my reading, I understand SBS does not like multiple IPs, so I was reluctant to try this method. Besides, it did not seem to work and I don't remember what the error was.

I just found this resource: http://msexchangeteam.com/archive/2006/10/04/429090.aspx
and will be trying yet another walkthrough.

0
rjccaz (Author) Commented:
Running MS NetMon while sending results in no network traffic to the remote domain.  If I remove the domain from the Address Space, then I am able to see network traffic to the remote domain.  I also see the message stuck in the Queue.  This leads me to believe that it is an internal problem and not anything to do with the network.

Any Ideas?
0

Jamie McKillop (IT Manager) Commented:
If you have multiple Virtual SMTP servers, you need a separate IP address for each one. Each Virtual SMTP server binds to an IP. If you only have one IP, the first VS to start will bind to that and the other one won't be able to bind to an IP.

JJ
0
rjccaz (Author) Commented:
jjmck,

Is this the case even if I use an alternate port for TLS?  I was planning on using the default port of 587 for inbound TLS traffic...
0
Jamie McKillop (IT Manager) Commented:
You can use one IP if you use a different port for each VS, however, sending servers are going to use port 25 by default unless they are specifically configured with a VS to use port 587.

JJ
0
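The binding behaviour described in the two answers above, as an added example that is not part of the original thread: two listeners started in order on the same IP and port, then on the same IP with different ports. The function names are hypothetical, and the loopback address with OS-assigned ports stands in for the server's IP and ports 25 and 587.

```python
import socket

def free_ports(n, ip="127.0.0.1"):
    """Reserve n distinct unused TCP ports, then release them (stand-ins for 25 and 587)."""
    socks = [socket.socket(socket.AF_INET, socket.SOCK_STREAM) for _ in range(n)]
    try:
        for s in socks:
            s.bind((ip, 0))
        return [s.getsockname()[1] for s in socks]
    finally:
        for s in socks:
            s.close()

def start_virtual_servers(servers):
    """Start one listener per (name, ip, port), in list order.

    Returns ({name: "listening" | "bind failed"}, [open listener sockets]).
    """
    status, listeners = {}, []
    for name, ip, port in servers:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            s.bind((ip, port))
            s.listen(5)
        except OSError:
            # Typically "address already in use": an earlier listener owns this IP:port.
            s.close()
            status[name] = "bind failed"
        else:
            listeners.append(s)
            status[name] = "listening"
    return status, listeners

def run_case(servers):
    """Start the listeners, record the outcome, then release the sockets."""
    status, listeners = start_virtual_servers(servers)
    for s in listeners:
        s.close()
    return status

def demo(ip="127.0.0.1"):
    port_a, port_b = free_ports(2, ip)  # constructed stand-ins for ports 25 and 587
    shared = run_case([("Default VS", ip, port_a), ("TLS VS", ip, port_a)])
    split = run_case([("Default VS", ip, port_a), ("TLS VS", ip, port_b)])
    return shared, split

if __name__ == "__main__":
    for label, result in zip(("same IP and port", "same IP, different port"), demo()):
        print(label, result)
```
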

rjccaz (Author) Commented:
Thanks! I had tried to configure the SMTP VS to use port 587 (thinking that was the default) and of course, no one could receive SMTP traffic on 587. Simple, now that I know...
0
tech2010 Commented:
Can someone answer this, please? If I need to configure TLS for just a few remote domains while I want to continue to operate with non-TLS outside servers, should I create a new SMTP virtual server and set the TLS require option on it and leave the default SMTP VS as it is?
0