Avatar of Gospodin Rasputin
Gospodin Rasputin
 asked on

Outbound e-mails rejected by ISP's smarthost

My ISP has issued a public IP address to be used by my exchange server. However, when I send an external e-mail it bounces back as Undeliverable: The following organisation rejected your message:SMTP smarthost address.

I have spoken to them and they have said that the smarthost will only accept to relay if the e-mails appears to be coming from the public IP they issued me. My exchange sits behind and ISA 2006 server and I have specified the  Internal IP of the Exchange Server in the 'This rule applies to traffic From and in Traffic to I have set that to external. But when I send e-mails to external recipients, I get a"SmartHost #550 Relaying not permitted (3.7).

Where in ISA 2006 do I specify the public IP address as Natting for outbound traffic does not seem to be available on ISA.

Also, is there a way for me to find out what IP the smarthost is seeing my e-mail as coming from?

Thank you.
ExchangeMicrosoft Legacy OSMicrosoft Forefront ISA Server

Avatar of undefined
Last Comment
Gospodin Rasputin

8/22/2022 - Mon

Check with the ISP to see whether your server has to authenticate first.
if you have multiple connections from different ISPs the connection when this error occurs is originating from a different ISP than the one providing the smart host.

Http://whatismyip.com from the mailserver.
Gospodin Rasputin

When I do whatismyIP, it returns the IP of our whole network rather than that issued specifically for the Exchange server. I think the error is due to how ISA is presenting the e-mil traffic from our exchange. The ISP beleives this traffic should be presented as coming from the Public IP 212.x.x.5, but it is presenting as as coming from 82.x.x.117.

The question is how and where on ISA to make the traffic appear as going out from the 212.x.x.5 public address (which is the public address specifically reserved for use with the Exchange Server.

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Gospodin Rasputin

I also found the following post useful https://www.experts-exchange.com/Microsoft/Windows_Security/Q_23891905.html  which agrees with what pwindell is syaing above.

But i was wondering, where you have multiple external NICs coming off the same ISA, would a product like IP binder be useful as you cannot have more than one Primary IP of the ISA's External Nic?
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes