Solved

Forefront Protection for Exchange Broke Threat Management Gateway

Posted on 2010-09-09
5
1,266 Views
Last Modified: 2012-05-10
I have an Edge server with Threat Management Gateway installed and properly configured to allow in/outbound mail flow.  Inbound email can only be received from our spam provider's relays, Postini to be specific.  

This was working fine until I installed Forefront Protection for Exchange.  After that, Postini's SMTP tests fail, and I get the following error in the Threat Management logs:

Log Type: Firewall Service
Status: No connection could be made because the target machine actively refused it
Rule: [System] Allow SMTP traffic to the local host for mail protection and filtering.

Under monitoring in TMG:
Email Policy – Configuration Failure
Description:  Command failed with error:  Cannot bind argument to parameter ‘Bindings’ because it is an empty collection.

There doesn't seem to be much in the way of configuration settings inside of FPE, I can't imagine what broke it, but I do know that mid-install, it had to restart the Transport role, and nothing's been the same since.

Help!


0
Comment
Question by:NAMEWITHELD12
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 5

Accepted Solution

by:
michael_b_smith earned 250 total points
ID: 33638259
Did you just install Exchange 2010 sp1? See here: http://blogs.technet.com/b/isablog/archive/2010/09/01/problems-when-installing-exchange-2010-service-pack-1-on-a-tmg-configured-for-mail-protection.aspx

Don't make any manual changes! Call PSS. I believe there is a QFE available.
0
 
LVL 1

Author Comment

by:NAMEWITHELD12
ID: 33638289
No on the SP1 -- the FPE installation was on the same disc as the install for the version of Exchange I loaded up...
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 250 total points
ID: 33652683
Where have you installed FPE - on the FTMG box running the edge service or on the Exchange server or both?
0
 
LVL 1

Author Comment

by:NAMEWITHELD12
ID: 33774861
Sorry, we abandoned the installation, never could get it to work. :(
0
 
LVL 1

Author Closing Comment

by:NAMEWITHELD12
ID: 33774878
We discovered that the installation of the app was removing the rules we set up to allow email in/out through TMG.  We decided that with our external spam/virus protection service, and our back end scanning capabilities, that we didn't need the hassle.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question