Solved

Selective relay for MS Exchange 2003

Posted on 2013-02-05
5
464 Views
Last Modified: 2013-02-06
Hi All,

I have a Exchange 2003 front/back end setup and I have a requirement that we allow external members of a distribution list to send to everyone in the dist. list, even other external members. That's relaying, so I'm trying to figure out a way to allow this to happen and not make both of my Exchange servers open relays.

My testing so far indicates that making the internal server an open relay doesn't work because the external server refuses to relay the external recipients. I don't want to make the external server an open relay because we'll get blacklisted.

Does anyone have ideas on how to solve this problem?
0
Comment
Question by:rdropp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 11

Expert Comment

by:hecgomrec
ID: 38859211
If these people are not "on the go" I can suggest you to authenticate or validate the relay for their IP addresses.

Another solution is to get them authenticated in your domain and select on your connector that only authenticated users can relay.

Good Luck
0
 

Author Comment

by:rdropp
ID: 38859475
Unfortunately, they are at large external instutitutions and universitites. I don't think I can reliably identify a single IP address or even a range for their email servers and authentication is also not feasible either.
0
 
LVL 12

Accepted Solution

by:
FDiskWizard earned 500 total points
ID: 38859890
I'm trying to make sure I'm understanding your requirements.

Anyone on the list needs to be able to email the distro list? right?

That isn't exactly relaying... That's a distro list sending to members of the list.

Just thought of something and looked at one of our internal lists to verify. I think under the Exchange General TAB you select: "Accept Messages...  ONLY FROM:  "
and add the Distro List so that members of the list can send to it.
0
 

Author Comment

by:rdropp
ID: 38860538
It's a good point and helped solve the problem. The issue was that the expansion server was left as the default "any server in the organization", and we had the accept messages field set to "from everyone" . The problem is that the front end server is both faster and locked down, so it did most of the expanding and rejects all mail from non-internal addresses. Setting the expansion server to the internal server fixed the problem, since it can access the dist list and see that it's not relaying (as you correctly point out).

I've also reset the accept messages field to  the distribution list only, so that it's less likely to become a mini spam vector.

Thanks!
0
 

Author Closing Comment

by:rdropp
ID: 38860547
It was a thoughtful question and suggestion that led me to the solution, even though it didn't directly solve it. I really appreciate it.
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question