Are you using a stand alone machine in your DMZ to do your mail relay? Or is it located on your web server? Thanks, Joseph -----Original Message----- From: michael [mailto:mwisch@xxxxxxxxxxxxxxxxx] Sent: Monday, February 11, 2002 10:31 AM To: [ISAserver.org Discussion List] Subject: [isalist] ISA, Mailrealay and DMZ issues... http://www.ISAserver.org I am trying to configure our email to go through our DMZ which currently has a mail relay server, and I'm having a hard time getting email to go out. This is how I would like it configured. ISA SERVER = Trihomed Mail Relay = 192.168.XX.XX Exchange = 10.80.XX.XX Public = 63.68.XX.XX Private = 10.80.XX.XX DMZ = 192.168.XX.XX Email comes in and hits the ISA server (63.68.xx.xx) which has a SMTP protocol rule pointing all incoming email to the Mail Relay server (192.168.xx.xx). The Mail Relay Server than has a Remote Virtual SMTP Server established on IIS to point all incoming email to the Smart Host which is exchange(10.80.xx.xx). This configuration works fine for incoming email, but I can't seem to get things to work for outgoing email. When an internal users tries to send email, it first hits the exchange box, which has a SMTP connector pointing to the Mail Relay. The problem is that the mail relay server wants to send all incoming email to the exchange server, this obviously becomes a routing problem. If I tell the exchange server to use DNS instead of putting in the Mail relay server's IP address, the email goes out but avoids the mail relay all together, which defeats the purpose of what I'm trying to do. I have read a few articles and many of them mention the mail relay has to have a public address, but this then opens up the Mail relay server for intruders. Thanks in advance. ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cismic@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')