RE: SMTP publishing problem

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 28 Jan 2005 08:39:48 -0600

Hi Darko,

What is the *exact* IP addressing information on the ISA firewall's interfaces?

What is the *exact* IP addressing informationon the SMTP server's interface?

Thanks!


Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls


-----Original Message-----
From: Darko Kljajic [mailto:darko@xxxxxxxxxxxxxxxx] 
Sent: Friday, January 28, 2005 8:31 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SMTP publishing problem

http://www.ISAserver.org

Mail Server can connect outbound. I already wrote that. They are 100% Secure
NAT client.

First I publish Microsoft SMTP server and Second I publish LINUX SMTP server
and both of them don't want to work when they are published.

DNS Server also don't want to work when I set "Requests appear to come from
the origial client" option.

I test this configuration on two phisical separated ISA Servers. :(


Darko Kljajić

Administrator for operating systems

IT Department

tel: +381 11 201 1567

mob: +381 64 811 1655

e-mail: darko@xxxxxxxxxxxxxxxx

===========================

Delta Banka A.D.

Milentija Popovića 7b, Belgrade

Serbia & Montenegro

site: www.deltabanka.co.yu

===========================


-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: 28. januar 2005 15:10
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SMTP publishing problem

http://www.ISAserver.org

First of all, this list is exactly that; a place for folks to get direction
(isn't that why you're here?). 
Second, if the mail travels when "send ISA IP" is set, but not when "send
original client IP" is set, then ISA and / or client configurations likely
are causing it.
Is your mail server configured to allow connections only from "local" IPs?
Can you be more specific about "doesn't work?"
Can the mail server connect outbound?

-----Original Message-----
From: Darko Kljajic [mailto:darko@xxxxxxxxxxxxxxxx] 
Sent: Friday, January 28, 2005 5:27 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SMTP publishing problem

http://www.ISAserver.org

I set up mail server to be a secure NAT client before everyone tell me that.
That adjustment is basic. (those that don't know that shoudn't be on this
discussion list, they have to read a lot) I have same problem with DNS too.


Network rule set: Perimeter to External = NAT

Publish rule: SMTP server, from: anywhere to "ip address of smtp server"(in
perimeter network), Requests appear to come from the origial client

SMTP Server: Default Gateway is the address of ISA's IP address in perimeter
network (SMTP server is not firewall client)

When I try to connect from external network to external IP address of ISA
Server on port 25 I get nothing.

I set access rule that allow smtp from Perimeter network to External.
Everything works. When I try to connect from mail server in perimeter
network to mail server in External network ... it works. With this test I
prove that perimeter mail server has a DG.

I repeat ... when I publish any server with Server rule and with feature
"Requests appear to come from the origial client" (HALF NAT) it doesn't
work.

Darko Kljajić

Administrator for operating systems

IT Department

tel: +381 11 201 1567

mob: +381 64 811 1655

e-mail: darko@xxxxxxxxxxxxxxxx

===========================

Delta Banka A.D.

Milentija Popovića 7b, Belgrade

Serbia & Montenegro

site: www.deltabanka.co.yu

===========================

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: 25. januar 2005 16:53
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SMTP publishing problem

http://www.ISAserver.org

It's something the ISA team discussed changing to since "NAT" isn't
necessarily part of the communications if the network or host relationship
is "route".

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Tuesday, January 25, 2005 07:00
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SMTP publishing problem

http://www.ISAserver.org

Hey Jim,

You mentioned the name transition from SecureNAT to SecureNET. I actually
prefer SuperNAT client myself :-)

I haven't found any other references to SecureNET though -- I found a few
references to "transparent proxy" which I think it walking down the wrong
street, since most people consider transparency to be at layer 2, which the
SecureNAT/NET/SuperNET/SuperNAT client ain't. 


Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls


-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Tuesday, January 25, 2005 8:39 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SMTP publishing problem

http://www.ISAserver.org

Your SMTP server needs to be a SecureNET client.
This is covered in the ISA help and several publishing articles on
http://isaserver.org/articles_tutorials/publishing/ and
http://www.microsoft.com/isaserver/techinfo/guidance/2004/publishing.asp  

-----Original Message-----
From: Darko Kljajic [mailto:darko@xxxxxxxxxxxxxxxx]
Sent: Monday, January 24, 2005 11:37 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] SMTP publishing problem

http://www.ISAserver.org

SMTP publishing don't work until I change the option that "Requests appear
to come from the ISA Server computer". I don't want to set it that way
because my anti-spam software doesn't work. 

I "understand" why that option doesn't work with http publishing, but what
is the problem with SMTP?

Darko Kljajić
Administrator for operating systems
IT Department
tel: +381 11 201 1567
mob: +381 64 811 1655
e-mail: darko@xxxxxxxxxxxxxxxx
===========================
Delta Banka A.D.
Milentija Popovića 7b, Belgrade
Serbia & Montenegro
site: www.deltabanka.co.yu
===========================



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
darko@xxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
darko@xxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem
• » RE: SMTP publishing problem

1. Home
2. isalist
3. Archive
4. 01-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---