Exchange Server Forums
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Drawing a Blank
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Drawing a Blank - 4.Nov.2007 9:57:10 AM
|
|
|
shannonharvey
Posts: 5
Joined: 4.Jan.2002
From: Massachusetts
Status: offline
|
These I’m sure is probably the most basic of basic questions but for some reason or another I am drawing a complete blank….I’ve done this before without incident…but perhaps I’m having a pre-senior moment.
I have in place the following configuration….a ccr cluster (seems to be working fine), a hub transport/client access server, and an edge server (that is sitting on the 3rd leg of my isa server…dmz scenario)……I’ve setup communication between the edge server and hub transport by putting in place a rule to allow for ldap and smtp traffic (I’ve confirmed that this works by telneting to the ports defined without incident .
I can connect to the mail and send mail internally using outlook 2007 (which appears to be a very good thing)…..now comes my challenges….which is why I am posting these questions……
On my edge server there are multiple options that look as though they need to be configured, my problem is that I’m not certain as to whether or not they should be or whether the default install sets them up as they need to be.
1. Receive Connectors: Currently set to hostname of server. Should this be set to external name ie: mail.domainname.com?
2. Do any changes need to be made on the Network, Authentication or Permission Group tabs?
3. Send Connectors, Transport Rules, and Accepted Domains: This is currently empty…..do I need to add anything here or does the configuration on the Hub Transport take care of this?
On the Hub Transport Server I have what appears to be several receive connectors (Client and Default) what do I do with these?
1. Do I change the fqdn to the external name (like I outlined above)
2. The Network Tab shows port 587…..where is this used and do I need to change it?
3. Authentication and Permission Groups are set up as default…..ie: TLS, Basic, Integrated…my guess is that I don’t need to change anything here…Permissions Groups only has “Exchange Users”
4. On another note can I completely remove these and setup a custom connector….if so what fields need to be populated?
On a final note….my isp blocks port 25 so I’m using dyndns’s mailhop services….
1. The instructions they give apply to exchange 2003, how can I incorporate these into 2007 http://www.dyndns.com/support/kb/mail_servers_and_mailhop_outbound.html#exchange2003 I’m going to be using port 10025 for inbound, 2525 for outbound.
2. In using ISA 2006 to which server do I point my mail server rule to? The edge server (like I would if I were using 2003) …or to my hub transport?
Thanks a lot
|
|
|
|
|
RE: Drawing a Blank - 4.Nov.2007 11:16:28 AM
|
|
|
joggie721
Posts: 20
Joined: 28.Oct.2007
Status: offline
|
Shannonharvey,
wow that is alot!, but I think I may be able to simplify what and stear you down a path so that you can understand whats going on. for starters it would be good to educate your self on exchange 2k7 Here is a general white paper http://tinyurl.com/3czla9
what you need to do after reading this is then find articles that address your questions. I am going to give my explination of some of the questions and I am sure that I will be followed up by other MSEX members. so here we go.
Any of your questions that deal with connectors are dealing with "mail flow" if you have things working now you will want to see where your mail comes from. Possibly send your self an email and look at the internet headers, this will show you what the "world" sees when mail is sent from you, which is important to know. Second your permissions or groups tab, you will need to see what your settings are currently thne like I said previously check out an article or two to determine what is best for your org. http://technet.microsoft.com/en-us/library/aa997170.aspx
As for the "accepted domains" I would refer back to the first link to see the built in protection that exchange 2k7 offers. Not everyone believes that these features are enough to combat the threats out there. The accepted domains is a list of friends. But you need to be careful as attackers could present themselvs as your friends and enter right in.
To address your "final note" I would obtain and ISP that allows smtp traffic and get a ful DNS to rout mail directly to you. Your set up suggests one of two things either you have a large org/demand for email, or you have some over kill going on as far as architecture and admin over head.
I am not sure that this really answers your questions but I do not believe that others will be able to tell you exactly which settings to set without you knowing what your goals are based on your understanding of the different features.
< Message edited by joggie721 -- 4.Nov.2007 11:17:30 AM >
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
