Re: Connection Filtering Allow IPs and Exchange 2003 SP2

Tech-Archive recommends: Speed Up your PC by fixing your registry

andrew.schmitt@xxxxxxxxx wrote:

>We've recently upgraded our servers to Exchange 2003 SP2 and ever since
>the connection filtering's allow IP list seems to disregard the fact
>that we have our entire internal network in the connection filtering
>allow IP list. Messages still get stamped with SCL levels

SCL's aren't associated with connection filtering. SCL's are assigned
by the IMF. If connection filtering was doing anything it would be
dropping the connection, not assigning a SCL.

Have you put the IP address range(s) of your internal network(s) into
the "General" tab on the Mesage Delivery object's property page?

>from other
>internal non-exchange smtp servers, such as web servers that send
>messages to employees. We can't use authenticated sessions from these
>servers as they sometimes have to appear from different users.

How many Exchange servers do you have? Do all of them receive mail
from outside the company? If you hae more than one, and only one (for
example) accpts mail from the Internet, then turn off the IMF on the
other SMTP Virtual Servers.

>The interesting thing is that when we send something from our external
>network, the allow ip list holds true and no scl is stamped.

Maybe this is caused by the SenderID filter? Have you published
information in SPF format in your DNS that authorizes those other
servers to send mail on behalf of your domain? Is the PRA checking
causing the problem (or, put another way, are those other servers
using the RFC2822 headers correctly)?

>I know
>that there is a different algorithym used to parse message headers with
>the new SenderID config, but I don't know why any connection filtering
>is occuring on our internal network.

If you're receiving mail from those internal servers then Connection
Filtering isn't your problem. :)


--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
Don't send mail to this address mailto:h.pott@xxxxxxxxxxxxx
Or to these, either: mailto:h.pott@xxxxxxxxxxxxxxx mailto:melvin.mcphucknuckle@xxxxxxxxxxxxx mailto:melvin.mcphucknuckle@xxxxxxxxxxxxxxx
.

Relevant Pages

  • Re: Exchange 5.5 Site Design Question
    ... In terms of connecting Exchange servers across a WAN in the same site, ... Our connection is fairly quick with low latency. ...
    (microsoft.public.exchange.design)
  • Re: Help me with shared XP Prof.
    ... >Ethernet adapter Local Area Connection: ... > Master browser name is: ... > 2 backup servers retrieved from master COMP_3 ... Let's see what we know from these 3 computers. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Network Connectivity Problem
    ... I am having a network connectivity problem with a number of Windows ... All servers are virtualised on VMWare ESX 2.5 ... I could not figure out why the network connection was ...
    (microsoft.public.windows.server.networking)
  • Re: Exchange 5.5 Site Design Question
    ... Exchange 5.5 uses sites to define high-speed connection and administrator ... By putting a WAN in the middle, ... > In terms of connecting Exchange servers across a WAN in the same site, ...
    (microsoft.public.exchange.design)
  • Re: o2 xda mini s - gprs settings
    ... Settings> Connections> ... Advanced Button> Servers tab "Use specific server address" ... Enter name for the connection "My O2 Connection" ... Existing Connections and then Tap Edit (if this isn't present then tap 'Add ...
    (uk.telecom.mobile)