Re: SMTP publishing

From: "Thor \(Hammer of God\)" <thor@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Date: Mon, 19 Dec 2005 09:27:42 -0800

Like where they say NOT to put a FE in the Perimeter? :-p (p.s. it does NOT take extensive connectivity to AD to work. I don't even allow the DC's or the internal exchange servers to hit the Perimiter network from the inside out, and everything still works just fine, though the first time you connect forces Kerberos-Sec UDP is just a tad slow, but after that it is fast ;)

I'll check it out- thanks dude.
t


-----
"I may disapprove of what you say,
but I will defend to the death your
right to say it."

----- Original Message ----- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, December 19, 2005 9:11 AM Subject: [isalist] Re: SMTP publishing


http://www.ISAserver.org

Enable SMTP service logging and get ready to fire up NetMon, but take a
quick read of this great article that will shed some light on possible
SMTP service issues and SMTP filtering at the ISA firewall.

http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/firewall-exch
ange2003.mspx

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**

-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Monday, December 19, 2005 10:54 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: SMTP publishing

http://www.ISAserver.org

Yo-

I too have this funky issue with SMTP publishing just on this
one box.  This
one is an External, Internal, Perimeter Network setup-- when
I go to publish
from the External IP to the Perimeter segment, the rule is in
place just
fine, but I get the Default Rule denied the traffic.  It
showed that it
denied SMTP (not SMTP Server, btw) from the External to Local
Host. The
network segments are set up correctly, with the right IP's
and all.  The
perimeter network is set to route.  It just won't work.

The only thing different about this box is that this is the
one that still
shows "192.168.7.180" in my Domain Controller built-in
Computer Sets that it
won't let me edit out.  I did the whole ADSI Edit thing and
ntdsutil, but
that site was gracefully removed, and it no longer referenced
anywhere.  Odd
thing is that my perimeter network is 192.168.3.0 255.255.255.0 (NOT
192.168.7.0) so I'm not sure what all the hubbub is about.

Jim?  Tom?  Anyone?


-----
"I may disapprove of what you say,
but I will defend to the death your
right to say it."

----- Original Message ----- From: "Bunting, Jeff" <BUNTING@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Friday, December 16, 2005 11:03 AM Subject: [isalist] SMTP publishing


> http://www.ISAserver.org
>
> I just created a rule to publish SMTP from my Exchange 2003
server, but
> I'm
> getting 0x8007274c errors on the ISA server when I try to
telnet to port
> 25.
> I do establish a connection, but get no response.
>
> The Exchange server is a front end server and I have OWA
and RPC over HTTP
> published through ISA  for this same server.  I can telnet
to this server
> internally.
>
> I don't see anything written to the smtpsvc logs on
Exchange and a netstat
> doesn't show any connection from the ISA server, so it
looks like the
> external telnet connection to ISA is made OK, but traffic
isn't making it
> from ISA to Exchange.
>
> Also, I can make a telnet connection from the console of ISA to the
> Exchange
> server.
>
> I'm stumped.  Anyone have an idea?
>
> Jeff
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org
Discussion List as:
> thor@xxxxxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx

Re: SMTP publishing

Other related posts: