[isalist] Re: Configuring ISA Server 2004 to allow email only from Frontbridge servers
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>,<isalist@xxxxxxxxxxxxx>
- Date: Wed, 10 May 2006 23:43:39 -0700
"I added a network" - don't do that.
ISA "network" elements (as opposed to "network objects") are representative of
physical or logical networks handled by Windows or RRAS (VPN).
Unless you are actually adding a NIC (or 1Q VLAN), don't add networks elements.
Create a computer object with the appropriate IP address and use that in the
mail publishing rule.
________________________________
From: isalist-bounce@xxxxxxxxxxxxx on behalf of Scheele, Brian
Sent: Wed 5/10/2006 8:45 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Configuring ISA Server 2004 to allow email only from
Frontbridge servers
Our MX record for our email domain points to mail.frontbridge.com.
Frontbridge filters the email, then forwards it to our IP address.
I added a network, called Frontbridge to my ISA server with the list of IP
addresses that Frontbridge sends from. All other SMTP traffic should be
blocked since that traffic would bypass Frontbridge.
ISA server now blocks all email that Frontbridge forwards (even if I do not add
the Frontbridge network to any firewall policies). The result code is
0xc0040014 FWX_E_FWE_SPOOFING_PACKET_DROPPED
I have to delete the network that I created so that email can come in.
Does anyone know what I am doing wrong, or know how to properly set up ISA
Server to allow email to come in from only specific IP addresses? We have only
one external IP address.
Thanks,
Brian Scheele
Systems Administrator
<http://www.clarkfilter.com/Default.aspx>
3649 Hempland Road
Lancaster, PA 17601-1393
Phone (717) 285-8050
Fax (717) 285-8051
All mail to and from this domain is GFI-scanned.
Other related posts:
