jjeffcoat
asked on
Exchange 2007 switching from Exchange Defender to Webroot for external mail filtering (Smarthost Issue)
We are running an Exchange 2007 server as part of the SBS2008 platform. We are also behind a SonicWall firewall. I've been thrown into administering the servers and need a little help.
We are switching from Exchange Defender to Webroot. Everything is setup on the Webroot servers, now I just have to point all traffic to go through their servers.
I have the mx records updated and they should be replicating now. I thought I could go into the exchange server and replace outbound.exchangedefender. com with post51.us.emailfiltering.c om and everything would be ok, but my first test message just sat in the queue until I place the exchange defender server back into the smarthost field. I must be missing something somewhere? Do I have to create another connection piece????
I believe I also have an outbound lan-wan access rule in place to allow internal mail to pass on to the webroot servers.
We are switching from Exchange Defender to Webroot. Everything is setup on the Webroot servers, now I just have to point all traffic to go through their servers.
I have the mx records updated and they should be replicating now. I thought I could go into the exchange server and replace outbound.exchangedefender.
I believe I also have an outbound lan-wan access rule in place to allow internal mail to pass on to the webroot servers.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
also, you may need to restart the exchange routing engine before the change will take place (possibly a couple of other services too).
ASKER
OK, it looks like a firewall issue, I can telnet to the ExchangeDefender server, but not the Webroot server. I duplicated all the access rule entries I saw for Exchange, but still no luck.
Pls post a screenshot of your LAN-to-WAN firewall rules.
Is is necessary to block port 25 outbound at all? Very often, port 25 outbound would be allowed to any host.. obviously not an incoming port 25 redirection as that should go only to your incoming mail server.. unless you use a mail relay services (i.e. messagelabs etc).
You could consider temporarily try just allowing all port 25 traffic outbound.. or changing the outgoing port for the mail connector (i.e. to 2525) and allowing that.
Have a look at your sonicwall's logs..
You could consider temporarily try just allowing all port 25 traffic outbound.. or changing the outgoing port for the mail connector (i.e. to 2525) and allowing that.
Have a look at your sonicwall's logs..