Yes but as far as I know you still can't send out through any IP except the default. Are you saying that I can bind different mail servers to different outbound IPs? The articles I have read do not indicate this. I have been through this in and out for the past couple of years and have never found an acceptable solution. This seems like a weakness mostly for smaller orgs that do not have the resources to set up relay servers. The solution is obviously that - setup a relay server that allows you to bind smtp instances to different IPs (if you want them to appear to the world as different orgs). I just feel strongly that the "proxy" nature of ISA is a hindrance that you don't see in other popular firewalls. Oh well. -----Original Message----- From: JosephK [mailto:josephk@xxxxxxxxx] Sent: Wednesday, June 01, 2005 2:52 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: SPF problem: was RE: Publishing an Exchange Server and email still going out through the default IP Importance: High http://www.ISAserver.org Your not running IIS on the ISA box when you just select the SMTP service at least on 2003. And when you setup the outbound relay you can have your internal exchange or mail server send to the ISA box and on the ISA box you setup the ISA system policy to allow outbound connections. Then on the SMTP service you specify the only box that can relay through your machine is the internal mail machine. Thank you, Lots of good articles out on isaserver.org by the way. Joseph -----Original Message----- From: Bryan D. Andrews [mailto:bandrews@xxxxxxxxxxxxx] Sent: Wednesday, June 01, 2005 11:50 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: SPF problem: was RE: Publishing an Exchange Server and email still going out through the default IP http://www.ISAserver.org Hmmm... I always thought the best policy was not to run IIS or anything other than ISA on the ISA server. In these articles you mention are they "outbound" relays also? Does this scenario support binding the smtp instance to particular IPs for different relaying servers? Thanks again for the replies! -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Wednesday, June 01, 2005 1:51 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: SPF problem: was RE: Publishing an Exchange Server and email still going out through the default IP http://www.ISAserver.org Hi Joseph, True enough! There are several articles by moi on the ms.com and ISAserver.org sites on how to configure the ISA firewall itself as an inbound SMTP relay. No extra software, no extra hardware. Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls -----Original Message----- From: JosephK [mailto:josephk@xxxxxxxxx] Sent: Wednesday, June 01, 2005 12:33 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: SPF problem: was RE: Publishing an Exchange Server and email still going out through the default IP Importance: High http://www.ISAserver.org Relay servers can be located on the ISA box and in the DMZ on the web machine. I have it setup this way and it works great and I'm not using an extra machine. However, I have used POSTFIX and sendmail in testing and they work as well. Thank you, Joseph -----Original Message----- From: Bryan D. Andrews [mailto:bandrews@xxxxxxxxxxxxx] Sent: Wednesday, June 01, 2005 10:16 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: SPF problem: was RE: Publishing an Exchange Server and email still going out through the default IP http://www.ISAserver.org That assumes the following: * That there is someone who knows linux * That there is an extra workstation * That they want another point of failure for email * That they want to spend the time configuring this I just feel like this is a hack and it should not be this way. Might be out of luck huh....? -----Original Message----- From: Steve Moffat [mailto:steve@xxxxxxxxxx] Sent: Wednesday, June 01, 2005 9:50 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: SPF problem: was RE: Publishing an Exchange Server and email still going out through the default IP http://www.ISAserver.org Can't they afford an old workstation, with freebie Linux, and one of the many flavours of mailserver available??? S -----Original Message----- From: Bryan D. Andrews [mailto:bandrews@xxxxxxxxxxxxx] Sent: Wednesday, June 01, 2005 10:33 AM To: ISA Mailing List Subject: [isalist] RE: SPF problem: was RE: Publishing an Exchange Server and email still going out through the default IP http://www.ISAserver.org Hehe - that is what I am saying... a relay server is not an option at this point. I guess I am really trying to find out if there is any movement on this issue at MS? Or will there be? I know this group would know if there was... :) Does checkpoint or other popular firewalls have this issue? I would think the answer is no. This should be taken seriously considering the SenderID. Not every company can afford to create relay servers in a dmz. Thanks Tom for the reply. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: josephk@xxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: bandrews@xxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: josephk@xxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: bandrews@xxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx