Solved

Forefront Protection for Exchange Broke Threat Management Gateway

Posted on 2010-09-09
5
1,268 Views
Last Modified: 2012-05-10
I have an Edge server with Threat Management Gateway installed and properly configured to allow in/outbound mail flow.  Inbound email can only be received from our spam provider's relays, Postini to be specific.  

This was working fine until I installed Forefront Protection for Exchange.  After that, Postini's SMTP tests fail, and I get the following error in the Threat Management logs:

Log Type: Firewall Service
Status: No connection could be made because the target machine actively refused it
Rule: [System] Allow SMTP traffic to the local host for mail protection and filtering.

Under monitoring in TMG:
Email Policy – Configuration Failure
Description:  Command failed with error:  Cannot bind argument to parameter ‘Bindings’ because it is an empty collection.

There doesn't seem to be much in the way of configuration settings inside of FPE, I can't imagine what broke it, but I do know that mid-install, it had to restart the Transport role, and nothing's been the same since.

Help!


0
Comment
Question by:NAMEWITHELD12
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 5

Accepted Solution

by:
michael_b_smith earned 250 total points
ID: 33638259
Did you just install Exchange 2010 sp1? See here: http://blogs.technet.com/b/isablog/archive/2010/09/01/problems-when-installing-exchange-2010-service-pack-1-on-a-tmg-configured-for-mail-protection.aspx

Don't make any manual changes! Call PSS. I believe there is a QFE available.
0
 
LVL 1

Author Comment

by:NAMEWITHELD12
ID: 33638289
No on the SP1 -- the FPE installation was on the same disc as the install for the version of Exchange I loaded up...
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 250 total points
ID: 33652683
Where have you installed FPE - on the FTMG box running the edge service or on the Exchange server or both?
0
 
LVL 1

Author Comment

by:NAMEWITHELD12
ID: 33774861
Sorry, we abandoned the installation, never could get it to work. :(
0
 
LVL 1

Author Closing Comment

by:NAMEWITHELD12
ID: 33774878
We discovered that the installation of the app was removing the rules we set up to allow email in/out through TMG.  We decided that with our external spam/virus protection service, and our back end scanning capabilities, that we didn't need the hassle.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question