I just set up a new server (replacing an old one) with Windows 2000 Server and Exchange 5.5. Previously, the original server was set up to allow client relaying. We had a spam issue (open relay) and had to close the relay and set up a message firewall (CMS Praetor, I recommend it) and installed it on the same machine as Exchange. Since Praetor doesn't allow relaying of any kind, we bought a new server (since the first one was old anyway) to use as the new mail server while the old one became the stand-alone message firewall. All SMTP traffic flows into the message firewall machine, then to the new Exchange server. Outgoing messages go the other way, obviously. Here's the fun part...
I'm setting up remote clients to connect right to the NEW server via pop3. The new server has it's own public IP (it's hidden) and the router is configured to allow POP3 requests through. Clients can get their mail. Everything's great with that part. Problem is, and you probably saw this coming, clients can't see the smtp server (Outlook times out and says "The SMTP server your provided is not available, please enter the proper mail server address" message.
The IP addresses in Outlook for both incoming and outgoing are set to the public IP of the NEW server. Since the router is only set to allow pop3 packets through to the new server, I'm assuming that's why it wasn't responding. Here's what I'm fuzzy on. My company's DNS record still points to the old server, which is correct in order to use the message firewall. If I open up the router to allow SMTP packets through to the NEW server, I'm afraid that after some time I'll have the same spam problem we once had since essencially the new server would now be open to SMTP packets from anyone with the public IP. If I set the router to allow SMTP packets through to the new server, will that let Outlook clients on the internet see the server and relay? AND, will that be a problem in the future like it once was?
Sorry for the novel, but there's a lot of history with this situatuation and I wanted to explain it as best I could.
I'm setting up remote clients to connect right to the NEW server via pop3. The new server has it's own public IP (it's hidden) and the router is configured to allow POP3 requests through. Clients can get their mail. Everything's great with that part. Problem is, and you probably saw this coming, clients can't see the smtp server (Outlook times out and says "The SMTP server your provided is not available, please enter the proper mail server address" message.
The IP addresses in Outlook for both incoming and outgoing are set to the public IP of the NEW server. Since the router is only set to allow pop3 packets through to the new server, I'm assuming that's why it wasn't responding. Here's what I'm fuzzy on. My company's DNS record still points to the old server, which is correct in order to use the message firewall. If I open up the router to allow SMTP packets through to the NEW server, I'm afraid that after some time I'll have the same spam problem we once had since essencially the new server would now be open to SMTP packets from anyone with the public IP. If I set the router to allow SMTP packets through to the new server, will that let Outlook clients on the internet see the server and relay? AND, will that be a problem in the future like it once was?
Sorry for the novel, but there's a lot of history with this situatuation and I wanted to explain it as best I could.
