Re: exchange resolving dns? not supposed to!

Tech-Archive recommends: Speed Up your PC by fixing your registry

The smart host entry is an IP address (in brackets) of the mail server
gateway in our DMZ. This has worked in the past. Just to test it, i removed
the other subdomain's connector. all mail not hosted by exchange should go
through this DMZ now.

Also, someone suggested temporarily setting up the SMTP virtual server's
smart host field and deleting the connector. I tried this, but then all the
mail just queued up in one queue per domain of recipient addresses. So I
undid this and put the outbound connector back in place. For now things are
back to the beginning where only 1 connector and messages are backed up in
and slowly moving out.


"Mark Arnold [MVP]" <mark@xxxxxxxx> wrote in message
news:3dfbg25sdu676qkg4r733q2rsg7c9efk7h@xxxxxxxxxx
On Mon, 11 Sep 2006 15:33:52 -0400, "GC Postmaster"
<gc_postmaster@xxxxxxxxxx> wrote:

Hello, our 2 ex2k3 backend servers send all outbound mail to an mta in our
DMZ which we use to send and receive mail between us and the outside
world.
However while diagnosing some errors, I saw that event ID 4003 was logged
many times by our exchange server but i can't figure out what it says
this:
"The domain 'comcast.net' is currently unreachable."

Shouldn't our exchange server not know this because it should just send it
to our mail gateway in the DMZ which is in charge of checking for server?
Is
there some way to double check that our exchange server isn't trying to
resolve and send the messages itself? We have an smtp connector with
address
space * and count = 5 (because we have a subdomain with count = 1) that
forwards all mail to smart host ( to ip address of gateway server in
dmz ).

Thanks!


That whole "count" thing is the wrong thing to do because the server
will look that up and send direct to the destination server. The
connector with the * will process messages that the AD doesn't "own",
not ones it does.

So, in the SMTP connector what does the smarthost say and what are the
diagnostics? Have you proven that it's working or are you not at that
diagnostics process yet?


.

Relevant Pages

  • RE: fedora-list Digest, Vol 6, Issue 266
    ... Re: OT: Setting up a forwarding mail domain in DMZ without ... Re: Sound Problem ... downloaded the yum.conf for fedora from Redhat's website. ... Server: Fedora.us Extras ...
    (Fedora)
  • RE: Webserver on a DMZ still needed?
    ... Certainly your suggestion to have a email server in a DMZ but still have ... having the exchange server on the internal LAN with only the smtp ports ... Talking of the financial cost of setup by the book vs the security cost ...
    (Security-Basics)
  • Re: nmap shows: 1863/tcp open, 5190/tcp open
    ... first from within the DMZ and the second from a private network behind ... a wireless router scanning the DMZ. ... tcpdump or equal - on the server as well as on the scanning system. ... I don't like the idea of my gateway, ...
    (comp.os.linux.security)
  • Re: TS 2008 Web Access with RDP
    ... other machines on the internal network. ... Yes the TS Gateway is on the Server in the DMZ, ...
    (microsoft.public.windows.terminal_services)
  • Re: FE-BE configuration
    ... I think the cheapest and easiest solution would be to install an SMTP ... your single exchange server on your LAN, that way you do not allow inbound ... scanned for viruses or spam (offloading resources to the smtp gateway rather ... you can just install IIS SMTP on the dmz server and harden the OS. ...
    (microsoft.public.exchange2000.admin)