Ok guys,
I have a weird one that I cannot solve, so I am posting it here since the current environment is 5.5. We are going to be upgrading a customer to Exchange 2003 shortly; however, their current mail relay server is an Exchange 5.5 talking to an Exchange 5.5 server on the backend. The customer wants to replace the relay first with a server running Windows 2003 with the native SMTP services rather than using Exchange in the new DMZ.
The SMTP relay works great for all incoming messages, routes perfectly actually; however, on the outbound side it will send every message except for mail that is destined for its own domain.
The problem as I see it is the PIX firewall they have and the DNS. The DNS entry for the domain (say xyz.com) points to an external IP on the live internet. When the SMTP server in the DMZ (a 192.168 address) does a lookup for the xyz.com domain it gets the external address and the PIX won’t let it go out and back in on the interface since it thinks it is being spoofed or hacked.
Can anyone think of a way to get it to not do a lookup and send it straight to the internal Exchange server?
I have tried all of the normal things like trying to point it back using a “Smart Host” entry in the virtual SMTP server entry.
Any help would be appreciated.
Thanks,
Justyn
Justyn Worrell
MCP, MCSE, MCT, CCA, CCEA, CCI
SCSA, CCSA, CCSE, CCNA, AANG-UP