Solved

Exchange 2007 Smarthost Configuration for Specific Domains

Posted on 2013-06-25
6
663 Views
Last Modified: 2013-06-25
Hello All,

I've been battleing this worm for the past week or so.. The threat has been removed, but the reprocussion sucks. :/

Just as a background of whats going on:

1. I setup a firewall rule to block all port 25 traffic except from the exchange server
2. I noticed there were a handful of domains queued and failed due to poor rating
3. I contacted ISP and configured the smarthost on my default send connector and that seems to have resolved the delayed issues (yay!)

Now, my concern is.. I would like to keep our exchange on DNS as much as possible in order to have more control on the mails sent.  Now, originally there were only about 8-10 domains that were giving issues in the past 48 hours.

I did some reading and asking, and found out I am able to setup another send connector and add only the domains specific that are giving issues to send through the smarthost.. I wanted to post this to verify I am doing this correctly, as this would be my first time implementing this configuration.

## smathost configuration for domain specific ##

1. Name : Smarthost for specific domains
     Indended use for this connector : Internet
2. Address Space:
-*aol.com | cost 1
-*firstma.com | cost 1
3. Route mail through the following smart host:
-smarthost.isp.com
4. Authentication : None
5. Source Server : my exchange server

## end ##

-Please let me know if this is the proper setup?  

-Do I need to add the asterik before the domain names in the address space, or could I have just added aol.com | cost 1?

-Do I need to edit my DEFAULT DNS send connector and change the cost on the address space for  "*" as 5?

-By doing this, I am verifying that every email send to a user at aol.com or firstma.com will be routed through the smarthost, and all other emails not listed in the address space will be routed through the DNS correct?
0
Comment
Question by:Coupee46
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 43

Expert Comment

by:Amit
ID: 39275714
Would you share that article you read.
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 39275810
You are doing it the correct way.  You should leave your Default SEND Connector with DNS and then just create a new SEND Connector and add the problem domains to the Scope of the SEND Connector and add the Smarthost IP / FQDN to it and leave it at that.

Then most of your mail will route via DNS and only the problem domains will be sent via the Smarthost.

In case you want a step-by-step guide:

http://support.prolateral.com/index.php?/Knowledgebase/Article/View/117

Alan
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39275813
Thanks Alan! I will give this link a read today and implement this later this afternoon.  :)
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39275815
No problems - shout if you have any questions.

Alan
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39275842
Alan,

Actually a couple quick questions...

add the problem domains to the Scope of the SEND Connector
1. So this is the same as adding the problem domains under Address Space (in the new send connector).. Do I need to check the "Scoped Send Connector" box as well?

2. Under the Network tab... Do I need to check off the "use the external dns lookup..." box as well, as stated in that link you had sent?  

**These options were not selected on the "default" send connector, so wasn't too sure if I would need to enable them on the "new" send connector I would be creating for the problem domains, as well? **

Side Note : for my own knowledge.. what is the difference when assigning "default" send connector with a cost 5 and the "new" send connector as a cost 1?
0
 
LVL 1

Author Closing Comment

by:Coupee46
ID: 39276644
Thanks again Alan! It worked like a charm, and turns out my IP has been updated to Neutral, so I can go back to DNS again.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In-place Upgrading Dirsync to Azure AD Connect
This video discusses moving either the default database or any database to a new volume.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question