Solved

Exchange 2007 Smarthost Configuration for Specific Domains

Posted on 2013-06-25
6
643 Views
Last Modified: 2013-06-25
Hello All,

I've been battleing this worm for the past week or so.. The threat has been removed, but the reprocussion sucks. :/

Just as a background of whats going on:

1. I setup a firewall rule to block all port 25 traffic except from the exchange server
2. I noticed there were a handful of domains queued and failed due to poor rating
3. I contacted ISP and configured the smarthost on my default send connector and that seems to have resolved the delayed issues (yay!)

Now, my concern is.. I would like to keep our exchange on DNS as much as possible in order to have more control on the mails sent.  Now, originally there were only about 8-10 domains that were giving issues in the past 48 hours.

I did some reading and asking, and found out I am able to setup another send connector and add only the domains specific that are giving issues to send through the smarthost.. I wanted to post this to verify I am doing this correctly, as this would be my first time implementing this configuration.

## smathost configuration for domain specific ##

1. Name : Smarthost for specific domains
     Indended use for this connector : Internet
2. Address Space:
-*aol.com | cost 1
-*firstma.com | cost 1
3. Route mail through the following smart host:
-smarthost.isp.com
4. Authentication : None
5. Source Server : my exchange server

## end ##

-Please let me know if this is the proper setup?  

-Do I need to add the asterik before the domain names in the address space, or could I have just added aol.com | cost 1?

-Do I need to edit my DEFAULT DNS send connector and change the cost on the address space for  "*" as 5?

-By doing this, I am verifying that every email send to a user at aol.com or firstma.com will be routed through the smarthost, and all other emails not listed in the address space will be routed through the DNS correct?
0
Comment
Question by:Coupee46
  • 3
  • 2
6 Comments
 
LVL 42

Expert Comment

by:Amit
ID: 39275714
Would you share that article you read.
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 39275810
You are doing it the correct way.  You should leave your Default SEND Connector with DNS and then just create a new SEND Connector and add the problem domains to the Scope of the SEND Connector and add the Smarthost IP / FQDN to it and leave it at that.

Then most of your mail will route via DNS and only the problem domains will be sent via the Smarthost.

In case you want a step-by-step guide:

http://support.prolateral.com/index.php?/Knowledgebase/Article/View/117

Alan
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39275813
Thanks Alan! I will give this link a read today and implement this later this afternoon.  :)
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39275815
No problems - shout if you have any questions.

Alan
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39275842
Alan,

Actually a couple quick questions...

add the problem domains to the Scope of the SEND Connector
1. So this is the same as adding the problem domains under Address Space (in the new send connector).. Do I need to check the "Scoped Send Connector" box as well?

2. Under the Network tab... Do I need to check off the "use the external dns lookup..." box as well, as stated in that link you had sent?  

**These options were not selected on the "default" send connector, so wasn't too sure if I would need to enable them on the "new" send connector I would be creating for the problem domains, as well? **

Side Note : for my own knowledge.. what is the difference when assigning "default" send connector with a cost 5 and the "new" send connector as a cost 1?
0
 
LVL 1

Author Closing Comment

by:Coupee46
ID: 39276644
Thanks again Alan! It worked like a charm, and turns out my IP has been updated to Neutral, so I can go back to DNS again.
0

Featured Post

Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This video discusses moving either the default database or any database to a new volume.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now