Re: Publishing SMTP servers on the internal network.

• From: "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 30 Dec 2003 02:06:03 -0800

http://www.ISAserver.org


If the server is in the DMZ, using a public IP address with a subset of the
assigned block of Public IP addresses you have from your ISP, that server in
the DMZ will be seen with its assigned IP address.

 

Servers on the LAN or on a private IP based DMZ will be seen with the
default public IP address of ISA.

 

The absolute best resource is Dr. Tom's book, ISA server and Beyond. There
is a lot of information in there about DMZ zones.

 

For now, I am going to sleep. 19 hours is enough. 

 

John Tolmachoff

Engineer/Consultant/Owner

eServices For You

 

-----Original Message-----
From: Risun Antony [mailto:risuna@xxxxxxxxxxxxx] 
Sent: Tuesday, December 30, 2003 12:53 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Publishing SMTP servers on the internal network.

 

Hi John

 

There you go John, can i have more guidelines on this? Could you point to 

some articles or How-to-do's on this. Really appreciate the help.

 

By the way, just for knowledges sake, Suppose i have only a single Mail
server to be published.

>From what i understand the outbound messages will leave using the Default IP
of the ISA server.

In this scenario, an outbound message, which is destined to a mail server
that requests that the 

source IP should resolve, will it not fail???? 

 

Thanks again all.

 

Risun Antony

Technical Support Engineer

Oriensoft Technologies Pvt. Ltd.

Tel: +91-22-56975275  Fax: +91-22-56976764

 

  _____  

From: John Tolmachoff (Lists)
Sent: Tue 12/30/2003 1:48 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Publishing SMTP servers on the internal network.

http://www.ISAserver.org

Now I understand.

 

Yes, in that case, you would put them in the DMZ with the DMZ configured
with public IP addresses. Then you use rules instead of publishing. By using
rules, they use their IP address.

 

John Tolmachoff

Engineer/Consultant/Owner

eServices For You

 

-----Original Message-----
From: Risun Antony [mailto:risuna@xxxxxxxxxxxxx] 
Sent: Tuesday, December 30, 2003 12:06 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Publishing SMTP servers on the internal network.

 

http://www.ISAserver.org

Hi All

 

Thanks for the resonse and do appreciate your concern John.

We are a hosting company and have 10 or so Mail Servers that are already on
the internet.

What i am trying to do is to give it some protection if possible, by
bringing it behind a firewall, and publishing the same.

And yes i am aware of the fact that i cannot have multiple SMTP servers
using a single IP. 

All my SMTP servers and Web servers have their own Public IP addresses.

Even though i have separate IP addresses for my Mail Servers, I wont be able
to publish my SMTP servers 

because ISA uses its default IP address for outbound messages and doesnot
use the IP address that i bind it to.

 

Yes, Jim i get the idea that this is by design. I was wondering how would
publishing 

my SMTP servers work if i would keep them in the DMZ zone?!?! I guess it
would again use 

the default IP address on that interface, right? As you said "By default,
all traffic leaving a 

Windows server leaves on the default IP"  thats what i can expect. Thanx for
the reply again.

 

 

Risun Antony

Technical Support Engineer

Oriensoft Technologies Pvt. Ltd.

 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
risuna@xxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
johnlist@xxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

Other related posts:

• » Re: Publishing SMTP servers on the internal network.
• » Re: Publishing SMTP servers on the internal network.
• » Re: Publishing SMTP servers on the internal network.
• » Re: Publishing SMTP servers on the internal network.
• » Re: Publishing SMTP servers on the internal network.
• » Re: Publishing SMTP servers on the internal network.
• » Re: Publishing SMTP servers on the internal network.

1. Home
2. isalist
3. Archive
4. 12-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---