Solved

exchange 2003 dns / smtp changes

Posted on 2013-12-09
1
214 Views
Last Modified: 2014-01-02
i have an exchange 2003 server on sbs.  it's currently setup to send and receive only through googles postini spam filter service.  i'm getting rid of postini and want to make sure i'm doing everything correct.  here's my list of what i need to do

1. change smtp connector settings to use DNS to route instead of forwarding through postini smart host

2. change smtp virtual server connection control under access tab to allow all ip addresses to access this server (i'm not sure on how to allow all here, as my choices are; only the list below or all except the list below) also i'm not sure if this is best practice or not

3. change any firewall settings to allow external connections to exchange

4. change mx records for my mail domain to point to my server instead of the postini server

my quetions are:
1. is what i listed above best practice?

2. do i have to make changes to my reverse pointer with my isp. right now my servers ip address points to my mail domain which i believe is correct and should remain unchanged

3. how to i setup exchange to accept connections from all ip's under note #2 above?

4. is there anything that i'm missing?
0
Comment
Question by:scraby
1 Comment
 
LVL 19

Accepted Solution

by:
xterm earned 500 total points
ID: 39707853
1.  What you've listed is minimal practice just to get it working... there's not really anything here that is considered optional.  Just keep in mind when modifying the firewall that you probably want to leave everything else blocked in the firewall except for the ports you want to expose (25/tcp of course, but 443 if you want to allow Webmail externally, 465/587 if you want to allow authenticated SMTP, etc.)

2.  The only thing that matters about your inverse record is that it matches the forward A record.  So if your MX record is mail.yourdomain.net and it resolves to x.x.x.x, then you need to make x.x.x.x resolve back to mail.yourdomain.net - if they already match, there's nothing to be done.

3.  Choose all except the list below, and leave it empty if you have no hosts to block.

4.  Shouldn't be - I figure originally you probably only had to toggle a few things to get it to work with Postini, and now you're just changing them back.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question