Solved

Incoming email to SBS 2008 through Watchguard XTM 22 11.4

Posted on 2011-03-04
5
1,429 Views
Last Modified: 2012-05-11
Hi there,
I'm new to Watchguard Firewall devices, but I have an XTM 22 running Fireware 11.4 and I am attempting to set it up with an SBS 2008 running behind it using Exchange 2007.  I am able to send outgoing mail and browse the internet.  I have the SMTP firewall rule setup as I think it should be - however, when I attempt to send a test message externally, I receive a response similar to the following:

said: 550
    Requested action not taken: mailbox unavailable (in reply to MAIL FROM
    command)

I have 'googled' this a little, and found references to the SMTP proxy  settings causing this.  

Any ideas?




0
Comment
Question by:mphackett
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 42

Accepted Solution

by:
paulsolov earned 250 total points
ID: 35044066
I would create a one to one NAT for the SBS Server.  

You can use a packet filter instead of SMTP proxy to validate whether SMTP proxy causing issue. Also look at the logs as you're sending out to see what's happing, also wouldnt hur to setup logging server as well on the system
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 35045797
Can you post sanitized screenshot of the policy configuration.
0
 
LVL 11

Assisted Solution

by:Old User
Old User earned 250 total points
ID: 35047342
I would recommend using policy based NAT rather than 1 to 1 NAT,
 
Open Policy manager.
Click on add policy- select packet filter and scroll down to SMTP
in the From box click add - select any
In the TO box click add - click add NAT
Use your external IP and for the internal IP use the SBS server IP Add Policy Add Policy 2 NAT Rule
0
 
LVL 11

Expert Comment

by:Old User
ID: 35047359
Fianl Rule
The final Rule
0
 

Author Comment

by:mphackett
ID: 35058237
Hi Guys,

Thanks for all of the responses - using a combination of the responses I received, I believe I have it behaving correctly.  I didn't have the NAT set up correctly, and I believe I caused more of my troubles by mis-reading a knowledge base article on the Watchguard website where it pointed to how to prevent becoming a relay for spammers.  

I'm sure I'll have more questions to throw your way as I implement this unit fully.

Thanks for all the help.....

Mike
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
how to add IIS SMTP to handle application/Scanner relays into office 365.

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question