IIS SMTP service as an SMTP Gateway to Exchange 5.5


From: Tim (bigeasy911_at_hotmail.com)
Date: 02/18/04


Date: Wed, 18 Feb 2004 13:20:09 -0800

I could use some input on what I am proposing below.

Setup: Win2K with IIS 5.0 SMTP service set up relaying to
an NT 4.0 Exchange 5.5 box. (This is all working great.)
I have this set up to allow for spam and virus filtering,
among other reasons.

Side note: because of things out of my control, both boxes
are available to the internet on some ports (POP, SMTP, RPC,
etc.). I can't change this.

Here's my problem: With this MyDoom virus I have noticed
a problem with my present setup, because I have POP3
users as well. They access the back Exchange box. We
have an A record for it and an MX for the relay server.
Now the problem: some of the virus and spam mail (not
actual real mail) I have seen coming in is going straight
to the Exchange box, bypassing the IIS 5 SMTP box. Of
course it is accepted, as it is labeled to a @mycompany
address.

So I want the Exchange IMS to only accept connections from
authenticated clients and the SMTP relay box, to stop this.
All internet mail should have to go through the SMTP relay
box without exception.

Here's what I am proposing: In the Exchange admin, under
the IMS properties, go to the Connections tab. Then, under
the "Accept Connection" area, check "Only From Hosts
Using:" and choose "Authentication". Then I think I would
have two choices at this point: I could change the remote
relay on the IIS SMTP box to use a username and password to
authenticate to the Exchange box, or on the Exchange box
in the IMS Connections tab I could click on the "Specify by
Host" button and add the SMTP relay's IP address to accept
from. Then I could technically forgo the username and
password. Either way, I guess, would be fine given the
situation.

Does this sound correct? Will my remote end users still
be able to POP3 and SMTP up their info, and will all proper
mail go through from the SMTP relay box to the Exchange box?

By the way, under Routing, then Routing Restrictions, I do
have it set to prevent illegal relaying. I have checked
only users that authenticate and also only from these IPs,
and left it blank. This goes for the relay box as well.

Thanks for all your help

Tim
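
Added example (not part of Tim's post): a Python check that audits inbound SMTP sessions on the back-end server against the policy proposed above, treating the relay's address and authenticated clients as accepted and flagging anonymous direct deliveries that bypassed the gateway. The relay address, the log format, the domain names and the sample lines are constructed assumptions; this is not the Exchange IMS log format.

```python
import ipaddress

# Assumed address of the IIS SMTP relay (documentation range, not from the post).
RELAY_HOSTS = [ipaddress.ip_network("192.0.2.10/32")]
# Constructed sample of inbound SMTP sessions on the back-end server, in a
# hypothetical format: timestamp source_ip auth=<user or -> rcpt=<address>
SAMPLE_LOG = """\
2004-02-18T13:01:07 192.0.2.10 auth=- rcpt=alice@mycompany.example
2004-02-18T13:02:41 203.0.113.77 auth=- rcpt=bob@mycompany.example
2004-02-18T13:03:15 198.51.100.23 auth=carol rcpt=dave@partner.example
2004-02-18T13:04:52 203.0.113.91 auth=- rcpt=alice@mycompany.example
malformed line without fields
"""

def parse_line(line):
    """Return a session dict, or None for a line that does not match the format."""
    parts = line.split()
    if len(parts) != 4 or not parts[2].startswith("auth=") or not parts[3].startswith("rcpt="):
        return None
    try:
        src = ipaddress.ip_address(parts[1])
    except ValueError:
        return None
    user = parts[2][5:]
    return {"time": parts[0], "src": src, "user": None if user == "-" else user, "rcpt": parts[3][5:]}

def classify(session, relay_hosts=RELAY_HOSTS):
    """Label a session the way the proposed accept policy would treat it."""
    if any(session["src"] in net for net in relay_hosts):
        return "relay"            # accepted by host: the gateway itself
    if session["user"]:
        return "authenticated"    # accepted: remote client that logged in
    return "bypass"               # anonymous and not the relay: would be refused

def audit(log_text):
    """Return (bypass_sessions, skipped_line_count) for a block of log text."""
    bypass, skipped = [], 0
    for line in log_text.splitlines():
        session = parse_line(line)
        if session is None:
            skipped += 1          # count unparsed lines instead of hiding them
        elif classify(session) == "bypass":
            bypass.append(session)
    return bypass, skipped

if __name__ == "__main__":
    hits, skipped = audit(SAMPLE_LOG)
    for s in hits:
        print(f"{s['time']} direct anonymous delivery from {s['src']} to {s['rcpt']}")
```

Run before the change, the flagged sessions show how much mail is reaching the back-end server without passing the filter; run afterwards, any remaining hits mean the restriction is not in effect.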

