We are running a WinNT domain here, in fact the only machine that is still NT is de PDC, all the others are already win2k, sp4 now, I use an ISA as firewall, cache and proxy, all works fine, but 2 issues...
I publish the Exchange server thru ISA, works fine, sends receives e-mail fine for local users. The issue here is that for the mail filter (a third party software) to work (as it is exchange 5.5) is has to be installed on a separate machine with IIS SMTP server installed, the principle is basic, this IIS machine receives the mail looks around for the content rules I have and passes it on to the Exchange machine to be delivered to users. Works fine! no problem here... BTW the filter is Policy Patrol, if anyone knows.
The problem comes when I need to access the server from outside, the mail wizard rules are set to Pass POP3 traffic to the exchange server and SMTP traffic to this IIS machine, POP3 works fine, I can receive e-mail from outisde, fine, no problem... but when I try to send e-mail, if it is not for an address in the exchange server (I mean, on my domain) the mail is refused saying that relay is not allowed, fine for me, should be like that, set authentication right??
The strange thing is when I access this IIS machine from outside, via ISA I get a warning of Unknown SMTP command warning from ISA with a string with lots of strange characters and the mail won't be sent, but, if i set the SMTP server for the internal address of the IIS machine, mail is sent fine, could it be some kind of authentication problem that ISA is not recognizing, or relay permissions on the IIS machine, which is set to allow all athenticated users to relay??
Same problems happen it I set ISA to forward SMTP traffic to the Exchange box itself, I've tried setting a relay permission on exchange to allow traffic to pass it connection is attempted at the internal addres, but in fact if it is coming from the ISA box, all connections for SMTP will be bind to the internal address wich would result in an open relay... makes sense??
-- // --
Second problem would be using Outlook express to access an outside mail server, it gets there, authenticates but won't receive messages, when packet filters are disabled problem disappears... any protocol rule I'm missing here?? I've set a rule to allow all protocols, all ports and it still happens.
I think it is related, but I can't get a TELNET connection to this outside mail server as well...
Thanks for any suggestion.
I publish the Exchange server thru ISA, works fine, sends receives e-mail fine for local users. The issue here is that for the mail filter (a third party software) to work (as it is exchange 5.5) is has to be installed on a separate machine with IIS SMTP server installed, the principle is basic, this IIS machine receives the mail looks around for the content rules I have and passes it on to the Exchange machine to be delivered to users. Works fine! no problem here... BTW the filter is Policy Patrol, if anyone knows.
The problem comes when I need to access the server from outside, the mail wizard rules are set to Pass POP3 traffic to the exchange server and SMTP traffic to this IIS machine, POP3 works fine, I can receive e-mail from outisde, fine, no problem... but when I try to send e-mail, if it is not for an address in the exchange server (I mean, on my domain) the mail is refused saying that relay is not allowed, fine for me, should be like that, set authentication right??
The strange thing is when I access this IIS machine from outside, via ISA I get a warning of Unknown SMTP command warning from ISA with a string with lots of strange characters and the mail won't be sent, but, if i set the SMTP server for the internal address of the IIS machine, mail is sent fine, could it be some kind of authentication problem that ISA is not recognizing, or relay permissions on the IIS machine, which is set to allow all athenticated users to relay??
Same problems happen it I set ISA to forward SMTP traffic to the Exchange box itself, I've tried setting a relay permission on exchange to allow traffic to pass it connection is attempted at the internal addres, but in fact if it is coming from the ISA box, all connections for SMTP will be bind to the internal address wich would result in an open relay... makes sense??
-- // --
Second problem would be using Outlook express to access an outside mail server, it gets there, authenticates but won't receive messages, when packet filters are disabled problem disappears... any protocol rule I'm missing here?? I've set a rule to allow all protocols, all ports and it still happens.
I think it is related, but I can't get a TELNET connection to this outside mail server as well...
Thanks for any suggestion.