Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SBS SMTP ( Forward all email to email server at your ISP)?

Status
Not open for further replies.
blumbra

blumbra

Technical User
Apr 9, 2001
16
US
Hello,

There are a number of threads discussing the use of the (Forward all email to email server at your ISP) setting.

Basically, I want to use it. However, my client uses Verizon DSL as their ISP and the SMTP server requires authentication. Is there anyway to include a username and password so that it can authenticate?


Thanks,
B.L.
 
Sort by date Sort by votes
If you set up a new connector, you are able to also configure authentication and provide username/password. I've set this up with Verizon before.

On the Delivery Options tab for the new connector, click OutBound Security and enter the credentials there.

If all your mail is going to be forwarded through Verizon, you will probably just be editing your default mail connector.

ShackDaddy
Shackelford Consulting
 
Upvote 0 Downvote
Thanks for the response!

The company is still sending in house email. If I change the default connector to forward to Verizon will this affect that at all?

My assumption is that if I just change the authentication info in the default that I'll be good to go.

B.L.

 
Upvote 0 Downvote
For the most part, nothing you change on the SMTP connector will affect in-house mail. That's determined by the recipient policy.

You are correct in your assumption.

ShackDaddy
Shackelford Consulting
 
Upvote 0 Downvote
This is good info. I am setting up my first SBS 2003 server. The client has Verizon DSL, and wants to setup email using the Exchange server and SMTP instead of using the Verizon pop3. Does anyone have good instructions on how to work with Verizon to get everything set the way we need and what I need to set on this end to make it all work? I did send one email requesting MX and PTR records. I am also running McAfee Total Protection Advanced. Thanks.

SMR
 
Upvote 0 Downvote
SMR, do you have your own domain name? You'll want to have that.

If you don't have your own domain name and want to keep using the Verizon email accounts, you'd want to use the POP3 Connector and also set up a smarthost with authentication for outbound mail. But I recommend not doing that.

You'll want to do the following:
- A static IP address for your network
- A domain name
- An A-record set up in your DNS that points to your static IP.
- An MX record for your domain that points to the A-record you set up.
- A PTR record that resolves your A-record to your IP address.

If you have all those ready, you should be able to run the Internet and Email Wizard in SBS and plug in the info you have and inbound/outbound email should work, assuming that DNS has had some time to propagate and Verizon isn't blocking outbound traffic on port 25. If they are, you should either ask them to remove the block or configure one of their mailservers as a smarthost. Verizon should provide you with the servername for that and also tell you whether you will have to authenticate.

ShackDaddy
Shackelford Consulting
 
Upvote 0 Downvote
Thanks ShackDaddy,

We do have a domain name with the ISP and static IP. I originally requested from verizon:

Mail.domainname.com at IP address ##.###.###.# (our static IP)

Please create an mx record for this

Please create a ptr record for domain domainname.com at ip address ##.###.###.#

I just sent the following to Verizon today per instructions from McAfee:

yourdomain.com. IN MX 100 yourdomain.com.s8a1.psmtp.com.
yourdomain.com. IN MX 200 yourdomain.com.s8a2.psmtp.com.
yourdomain.com. IN MX 300 yourdomain.com.s8b1.psmtp.com.
yourdomain.com. IN MX 400 yourdomain.com.s8b2.psmtp.com.
yourdomain.com. IN MX 500 mail.yourdomain.com (your old DNS MX entry)
yourdomain.com. IN MX 600 mail2.yourdomain.com (your old DNS MX entry)

When I tried to ask Verizon any questions -- they said it's my mailserver and they have nothing to do with it. Should their server be the smart host? What do I need to be asking? I asked about authentication and they said that was up to me to work out with McAfee? I feel totally lost...Thanks for any help.

SMR



 
Upvote 0 Downvote
The PTR record should usually resolve to your A-record (the one your MX points at), not just to your domain name.

I doubt you need to worry about a smarthost with Verizon, or that port 25 is being blocked.

The big question is this: does McAfee know what to do with your mail after it has scanned it? Do they know what your static IP addres is so that they can deliver to you? If so, you should be good.

ShackDaddy
Shackelford Consulting
 
Upvote 0 Downvote
So, are you saying I need to send Verizon additional instructions for an 'A' Record and repoint the MX records to this 'A' record? Bear with me since this is new to me..what should the 'A' record be? Thanks.
 
Upvote 0 Downvote
mail.domainname.com @ ###.###.###.### is an A-record. You already requested that.

MX record = your MX record is pointing to the MacAfee service, as it should be. Don't worry too much about the A-record at this point, since you are actually bypassing the normal order of things by using the MacAfee service. Just make sure that the "big" question I mentioned earlier is answered.

ShackDaddy
Shackelford Consulting
 
Upvote 0 Downvote
ok. I verified that Verizon has the records correct and McAfee is fowarding to my static IP. I can send email, but It appears that either my router or SBS is blocking the messages coming from McAfee. McAfee provided me an IP range, CIDR Range, and IP/Subnet Mask pair. So, where and how do I enter this info (boy do I feel overwhelmed trying to learn all the details having never done server stuff before!) Thanks for pointing me in the right direction.
 
Upvote 0 Downvote
Is your firewall allowing inbound traffic on port 25 and forwarding it to your server? That would have to be in place for any inbound traffic to work.

You can test this from outside of your network by doing:
telnet ##.##.###.## 25

If your server "answers the phone," you know that your router configuration probably isn't an issue anymore. If nothing happens, then either you aren't forwarding port 25 properly, or your server isn't listening. It's most likely the former, since your server is already set up to send.

ShackDaddy
Shackelford Consulting
 
Upvote 0 Downvote
I set up the SMTP virtual server (foward port 25) on the router. McAfee directed me to an IP range that I reference above and needing to do something to allow traffic from their IP range?? I do not know exactly what they meant...
 
Upvote 0 Downvote
By default a forwarded port forwards all mail. They are saying that you could restrict the port 25 traffic to only allow traffic from their list of networks. Initially, I wouldn't worry about that. Just set the port forwarding up and then test it from the outside using telnet like I mentioned. Once you know it works, then you can think about restricting that traffic, either on the router or in the SMTP Virtual Server configuration.

ShackDaddy
Shackelford Consulting
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
462
MaioMaio
MaioMaio
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
586
Aquiles Vidal
Aquiles Vidal
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
754
suncit
suncit
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
473
antonio_dsanchez
antonio_dsanchez
jamescpp
  • Locked
  • Question
Windos OpenSSH server vulnerability
Replies
0
Views
568
jamescpp
jamescpp

Part and Inventory Search

Sponsor

Back
Top