Forefront Protection for Exchange Broke Threat Management Gateway

I have an Edge server with Threat Management Gateway installed and properly configured to allow in/outbound mail flow.  Inbound email can only be received from our spam provider's relays, Postini to be specific.  

This was working fine until I installed Forefront Protection for Exchange.  After that, Postini's SMTP tests fail, and I get the following error in the Threat Management logs:

Log Type: Firewall Service
Status: No connection could be made because the target machine actively refused it
Rule: [System] Allow SMTP traffic to the local host for mail protection and filtering.

Under monitoring in TMG:
Email Policy – Configuration Failure
Description:  Command failed with error:  Cannot bind argument to parameter ‘Bindings’ because it is an empty collection.

There doesn't seem to be much in the way of configuration settings inside of FPE, I can't imagine what broke it, but I do know that mid-install, it had to restart the Transport role, and nothing's been the same since.

Help!


LVL 1
NAMEWITHELD12Asked:
Who is Participating?
 
Michael B. SmithConnect With a Mentor Exchange & Active Directory ExpertCommented:
Did you just install Exchange 2010 sp1? See here: http://blogs.technet.com/b/isablog/archive/2010/09/01/problems-when-installing-exchange-2010-service-pack-1-on-a-tmg-configured-for-mail-protection.aspx

Don't make any manual changes! Call PSS. I believe there is a QFE available.
0
 
NAMEWITHELD12Author Commented:
No on the SP1 -- the FPE installation was on the same disc as the install for the version of Exchange I loaded up...
0
 
Keith AlabasterConnect With a Mentor Enterprise ArchitectCommented:
Where have you installed FPE - on the FTMG box running the edge service or on the Exchange server or both?
0
 
NAMEWITHELD12Author Commented:
Sorry, we abandoned the installation, never could get it to work. :(
0
 
NAMEWITHELD12Author Commented:
We discovered that the installation of the app was removing the rules we set up to allow email in/out through TMG.  We decided that with our external spam/virus protection service, and our back end scanning capabilities, that we didn't need the hassle.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.