RE: Exchange 2000 Inbound configuration issues on home network...again!

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Sun, 5 Oct 2003 20:21:39 -0500

Hi Marvin,
As you can see from my address, I use TZO. In fact, I use TZO for my
primary address because of their reliability and portability.
They automatically create an MX record and global, wildcard record for
Inbound mail for arrives at the external interface of
the ISA Server firewall.
An SMTP server publishing rule forwards the inbound SMTP mail to an IIS
SMTP relay on the internal network. The relay denies relay for all
domains except for those under my administrative control. I create
Remote Domains for those domains I do host, and configure those Remote
Domains to relay to an upstream smart host.
The smart host accepts relay for the domains I host and does spam and
virus filtering. It then forwards that mail to another upstream SMTP
This relay uses a different method of screening for viruses and spam. It
then relays unwhacked mail to the Exchange Server.
The exchange server has recipient policies enabled so that knows its
responsible for all mail for the domain I host. I also configure the
Exchange SMTP service to accept mail only from the IP address of the
downstream relay, and that relay must also be able to establish an SSL
session and use basic authentication within that SSL session. The
Exchange Server's SMTP service does not allow relay, even from
authenticated hosts. This is not a problem, because no host needs to
relay through the Exchange Server. No one uses this Exchange Server as
his SMTP server.
The Exchange SMTP server sends outbound SMTP mail to the ISA Server
firewall, which is acting as an SMTP relay (in the form of a smart host)
for the Exchange Server. This allows the ISA Server firewall to leverage
its role as a caching-only DNS server to resolve the MX domain names for
the SMTP service and I can do some rudimentary spam whacking/email
filtering using the ISA Server's SMTP Message Screener.
So, that's my personal tale of using TZO  :-)  
Thomas W Shinder 
ISA Server and Beyond: 
Configuring ISA Server: 

From: Marvin Cummings [mailto:marvc@xxxxxxxxxxxxx] 
Sent: Sunday, October 05, 2003 8:03 PM
To: [ExchangeList]
Subject: [exchangelist] Exchange 2000 Inbound configuration issues on
home network...again!
Wondering if anyone monitoring the list can assist me with a problem I'm
having trying to get inbound mail on my exchange server? I'm using TZO
for my web hosting and they also manage the MX record for the domain. I
use Bellsouth for my ISP and I know they're not blocking email or port
My home network looks like this: 
Exchange 2000 running on Windows 2000 Server. This server is on a
Windows 2003 network. I've created a host record for the Exchange server
using an internal private IP and I've also created a host record for
mail that contains the IP of my ISP. So I have: 
exchangesrvr - 192.168.x.x - Internal static IP
mail - 205.152.x.x - Bellsouth DNS server IP
My MX record also points to the mail record that contains the Bellsouth
My domain is and the mail server is This obviously doesn't work because I haven't
seen any documentation that states to do it this way. 
Is there anyone monitoring who's familar with TZO that can break this
down for me? 
Many thanks in advance
List Archives:
Exchange Newsletters:
Exchange FAQ:
Other Internet Software Marketing Sites:
Leading Network Software Directory:
No.1 ISA Server Resource Site:
Windows Security Resource Site:
Network Security Library:
Windows 2000/NT Fax Solutions:
You are currently subscribed to this Discussion List as:
To unsubscribe send a blank email to

Other related posts: