Re: IMF behind smarthost
- From: "Alexander Zammit [MVP]" <alex@respond_to_group>
- Date: Fri, 20 Jul 2007 20:06:29 +0200
If you were able to disable NDR generation from the smarthost, you would
still have NDRs generated by Exchange.
Note that there are different types of NDRs. Some may be generated by the
receiving email servers when it is unable to handle an email others may be
generated by the sending email server. The latter happens when the email is
rejected at SMTP protocol level.
I think the importnt point here is for you to understand how recipient
filteirng works. When Exchange blocks an email through this filter, Exchange
does NOT generate an NDR. It rejects the recipient at an SMTP Protocol
level.
The responsibility to generate the NDR is shifted to the last host sending
the email. In your case emails are being sent to Exchange by the smarthost.
However if Exchange were handling internet email directly. The responsiility
to generate the NDR would be shifted to the original email sender server.
--
Alexander Zammit
WinDeveloper Software
IMF Tune - Unleash the Full Intelligent Message Filter Power
http://www.windeveloper.com/imftune/
"John" <a> wrote in message news:utO7IQuyHHA.1132@xxxxxxxxxxxxxxxxxxxxxxx
"Alexander Zammit [MVP]" <alex@respond_to_group> wrote in message
news:egQzYamyHHA.1208@xxxxxxxxxxxxxxxxxxxxxxx
1. Given your description only your smarthost IP is necessary.
Excellent. I'll test it later today.
2. Yes NDRs can be a problem. Can you disable the generation of NDRs at
the smarthost for internet originating emails?
I don't think I can disable NDR at the smarthost but I'll have a look at
it. If it's doable, don't I need NDRs for legitimate mail that bounce back
to senders? What if there's an oversize mail and the sender isn't informed
because there's no NDRs?
Something like recipient filtering should be done by he first host
receiving internet email. However in your case this is not an Exchange
machine...
Are you saying there's a difference if Exchange happens to be the directly
receiving internet mail? Does that mean Exchange won't generate NDRs for
bogus messages? Sorry I ask so many questions. Thank you.
--
Alexander Zammit
WinDeveloper Software
IMF Tune - Unleash the Full Intelligent Message Filter Power
http://www.windeveloper.com/imftune/
"John" <a> wrote in message news:OgVmzAmyHHA.5964@xxxxxxxxxxxxxxxxxxxxxxx
Thanks very much for your reply.
more inline...
"Alexander Zammit [MVP]" <alex@respond_to_group> wrote in message
news:eBNxMmlyHHA.4640@xxxxxxxxxxxxxxxxxxxxxxx
Yes Connection Filtering works in your setup. You just need to enter
the IP of the smarthost as follows:
1. From the ESM open the properties for Global Settings | Message
Delivery
2. Under General page click on Add to bring the IP List.
3. Enter the smarthost IP here.
Before I add it, I'd like to be sure. I only have to add 1 (smarthost)
IP address there, correct? I don't have to include my Exchange IP
address, right?
If you enable Recipient Filtering, your smarthost would generate the
NDRs for invalid recipient addresses.
Ummm.. that's not good especially these days spammers send mail to some
random names at our domain. I'm guessing there will be a lot of NDRs if
I enable recipient filtering. Since most spammers don't provide good
return address, NDRs are retried until expired, right?
Do you (or other Exch admins) see a lot of NDRs in the queue because of
this type of spam? How do you handle this problem?
--
Alexander Zammit
WinDeveloper Software
IMF Tune - Unleash the Full Intelligent Message Filter Power
http://www.windeveloper.com/imftune/
"John" <a> wrote in message
news:u41Lp7jyHHA.1208@xxxxxxxxxxxxxxxxxxxxxxx
Oops... I left out my firewall. Message flows should be as follows:
the internet --> firewall --> smarthost (DMZ) --> exchange2003 (LAN)
and the other way around for outgoing message. All (in/out) internet
messages are routed thru the smarthost.
"John" <a> wrote in message
news:uc77N5jyHHA.3696@xxxxxxxxxxxxxxxxxxxxxxx
#1 IMF, Connection Filtering
Does Exch2003 IMF and Connection Filtering work properly behind a
smarthost? Message flows as follows: the internet --> smarthost -->
exchange2003 (and the other way around for outgoing mail). I manage
both smarthost and Exchange box at this office. I enabled SMTP
virtual server logging. I don't see the actual IP address of the
sending mail server. I see my smarthost IP address instead. That's
why I doubt that IMF, Connection Filtering will work. How do I use
those features in this type of environment where Exchange SMTP does
not "talk" directly with machines on the internet?
#2 Recipient Filtering
At the moment the firewall is configured to allow incoming messages
sent to a list of users (manually entered on the firewall). The rest
is rejected by the firewall. There are no NDRs generated by Exchange
or the smarthost. I'd like to use recipient filtering feature so I
won't have to worry about entering a new email address whenever
there's a new mailbox. If I enable Recipient filtering, will exchange
send an NDR if an incoming mail is sent to non-existent address? I'm
afraid that it'll flood my server with thousands of NDRs.
.
- Follow-Ups:
- Re: IMF behind smarthost
- From: John
- Re: IMF behind smarthost
- References:
- IMF behind smarthost
- From: John
- Re: IMF behind smarthost
- From: John
- Re: IMF behind smarthost
- From: Alexander Zammit [MVP]
- Re: IMF behind smarthost
- From: John
- Re: IMF behind smarthost
- From: Alexander Zammit [MVP]
- Re: IMF behind smarthost
- From: John
- IMF behind smarthost
- Prev by Date: Re: Restore of Old Mailbox Store - Duplicate Mailboxes Cause Issue
- Next by Date: Re: Auto-Accept Agent settings
- Previous by thread: Re: IMF behind smarthost
- Next by thread: Re: IMF behind smarthost
- Index(es):
Relevant Pages
|
