Re: SBS2k3 group addressing problem (MS Xchng)



In news:34D06894-EE43-4305-A157-F5F46A6A7FB0@xxxxxxxxxxxxx,
syndata <syndata@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
>> When you say group, do you mean a distribution
>> list created in Outlook?
>
> Yes... thank you for clarifying. I appreciate your help, and I will
> try using mail merge instead.

It's a lot nicer. Although Exchange/Outlook are still pretty much crap at
managing bulk mail, and a listserver would be a better choice if this is a
frequent need.
>
> As for running a DMZ, yes that would be ideal with an SMTP server in
> it (it would have also added some functionality that would be nice
> for the client, including remote access).

Well - I don't know what kind of remote access this would give you....but it
is a good way to lock down your mail delivery.

> My philosophy to make
> something as secure as absolutely possible when working with
> extremely sensitive data.

Sure - but on the topic of security, note that your POP account credentials,
and mail transfer, are all taking place in clear text, visible to anyone who
cares, tho.

> While port 25 is not usually a security
> risk, I would prefer to not have an, as of yet, undiscovered security
> hole in Win2003 server exploited through it when I have another way
> of implementing. I understand that there are much larger risks to
> the system than this, but it leaves one less thing to cover. Why not
> block holes when you can?

Understood.
>
> I have had POP3 connection trouble in previous versions of SBS
> (meaning management headache), but the small number of users and the
> opportunity to close all ports outweighed the small management
> benefit. Budget is a huge concern for the client as they are a
> non-profit entity upgrading on a shoe-string or else your suggestion
> for a DMZ type of arrangement would have been ideal.

You can easily create a DMZ, and get a Postfix box in there, if this is a
concern. Frankly, for a small office, I really wouldn't bother. Not my call,
of course...
>
>
>>
>>
>> In news:D86D4995-EEB0-44A0-B90F-4F64E35B7D67@xxxxxxxxxxxxx,
>> syndata <syndata@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
>>> Hi all,
>>> I just recently switched a client from WinNT to SBS2003 server.
>>> Everything is runing well with internal and external mail, except
>>> for one thing.
>>>
>>> I am having a problem with a large number of undeliverables to known
>>> good addresses outside our domain when the users use assigned groups
>>> for large amounts of receipients. When an e-mail goes out to a user
>>> defined group of 15 recipients or more, 20 to 30% of the group
>>> addresses come back with an undeliverable message. The user then
>>> has to resend the message to the "undeliverable" addresses.
>>>
>>> We are using multiple (9) POP3 connectors for mail delivery to the
>>> server, and I cannot open the firewall ports to allow for an MX
>>> account due to the amount of sensitive data stored internally.
>>>
>>> Everything else Xchng related is doing well including scheduling,
>>> internal mail... etc. Anyone have a fix?
>>
>> Perhaps OT, but opening up port 25 inbound is rarely a security
>> risk....and if it is, it's simple enough to set up another SMTP
>> server in your DMZ that can accept mail for your domain and relay it
>> to your Exchange server...so the latter accepts connections only
>> from the relay server's IP address. The POP connector is a kluge,
>> and is not recommended - and with 9 of them, I'd hate to have to
>> manage it.
>>
>> That said, the POP connector is not the most likely culprit, because
>> mail is sent using SMTP, not POP. When you say group, do you mean a
>> distribution list created in Outlook? Mail merge to electronic mail
>> may work a lot better, and you can use categories to make it easier
>> to select the recipients. Note that with mass mail, if one of the
>> addresses is malformed or delivery to it fails for some reason, it
>> can hang up the whole lot, resulting in the problems you mention.
>> But you should check to see what the number of recipients is limited
>> to in your virtual SMTP server...and if you forward all outbound
>> Internet mail to a smarthost, check with the people who manage that
>> SMTP server to see what their limit might be.


.

Relevant Pages
Loading