RE: Back to back DMZ Exchange and SMTP relay
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 30 Apr 2003 11:42:31 -0500
Hi Gillain,
They might be a problem with the Server Publishing Rule on the internal
ISA Server. Here's what I do when this kind of thing happens:
Run NetMon on the SMTP Relay
Run NetMon on the external interface of the internal ISA Server
Run NetMon on the Exchange Server on the internal network
If the packets make it to the Exchange Server, it indicates an Exchange
config problem -- then John Tolmachoff will have to take over, becuase I
only understand the very basics of Exchange :)
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder <http://www.isaserver.org/shinder>
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
<http://tinyurl.com/1llp>
-----Original Message-----
From: Gillian Cook [mailto:gcook@xxxxxxx]
Sent: Wednesday, April 30, 2003 10:40 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Back to back DMZ Exchange and SMTP relay
http://www.ISAserver.org
Yes, the [external interface of internal ISA server] for the
Remote Domain config. This is correct, yes?
-----Original Message-----
From: Edward Sullivan [mailto:esullivan@xxxxxxx]
Sent: Wednesday, April 30, 2003 10:45 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Back to back DMZ Exchange and SMTP relay
http://www.ISAserver.org
Meant to ask that question of Gillian. Anyway, whoever,
did you specify the Smart Host in your configuration?
-----Original Message-----
From: Edward Sullivan
Sent: Wednesday, April 30, 2003 9:44 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Back to back DMZ Exchange
and SMTP relay
http://www.ISAserver.org
Winston, did you specify that your frontend mail
server should use the Exchange server as its Smart Host?
Ed Sullivan
IT Director
esullivan@xxxxxxx <mailto:esullivan@xxxxxxx>
KMA Direct Communications
Confidential and Proprietary
-----Original Message-----
From: Thomas W Shinder
[mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Wednesday, April 30, 2003 9:42 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Back to back DMZ
Exchange and SMTP relay
http://www.ISAserver.org
Hi Winston,
Perhaps we're not talking about the same
thing. But if you want to put an SMTP relay on the DMZ that relays
inbound and outbound mail, and an Exchange Server on the internal
network, there is NOTHING to prevent it from working. That's why its
always works :-)
Putting Exchange in the DMZ does NOT
work, because you've just exposed your user accounts and internal
security zone to the public, and you certianly do *not* want to do that!
Your setup may have factors outside of
these very basic constraints.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
<http://www.isaserver.org/shinder>
ISA Server and Beyond:
http://tinyurl.com/1jq1
Configuring ISA Server:
http://tinyurl.com/1llp <http://tinyurl.com/1llp>
-----Original Message-----
From: Winston Akin-Cole
[mailto:wcole@xxxxxxx]
Sent: Wednesday, April 30, 2003 9:10 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Back to back DMZ
Exchange and SMTP relay
http://www.ISAserver.org
Sorry but according to MS this setup
does not work. My company was going to do the B2B setup but after
spending a couple of days with MS they could not resolve the e-mail flow
problem. The only way to get it to work is if you put the EXCH in the
DMZ zone. We had to change our design. Let me know if anyone has been
successful in this design.
-----Original Message-----
From: Gillian Cook
[mailto:gcook@xxxxxxx]
Sent: Wednesday, April 30, 2003 10:01 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Back to back DMZ
Exchange and SMTP relay
http://www.ISAserver.org
Sorry I wasn't clear.
Mail is flowing from the internal
network to the Internet via B2B ISA's and DMZ SMTP server. Mail is NOT
flowing from Internet to the DMZ SMTP rely to the internal mail server.
Still curious the best way to
troubleshoot this. I did double-check the server publishing rules and
the remote domains config on the DMZ SMTP mail relay server. Maybe I'm
missing something obvious but can't find it.
Hhmmm.... Any ideas?
TIA,
Gillian
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site:
http://www.msexchange.org/
Windows Security Resource Site:
http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this
ISAserver.org Discussion List as: esullivan@xxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site:
http://www.msexchange.org/
Windows Security Resource Site:
http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this
ISAserver.org Discussion List as: esullivan@xxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site:
http://www.msexchange.org/
Windows Security Resource Site:
http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org
Discussion List as: gcook@xxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
