Incoming Mail from One Source - How to? (Full Version)

All Forums >> [Microsoft Exchange 2000] >> General



Message

raklein -> Incoming Mail from One Source - How to? (28.Nov.2007 1:58:38 PM)

We are considering letting our ISP do our spam and virus filtering - they said I need to setup Exchange to accept mail from IP range 210.123.123.0/21.  Where is this setting? I get confused b/c it is hard to differentiate btwn outbound and inbound.  So any assitance you can provide would be greatly appreciated.



jassyca -> RE: Incoming Mail from One Source - How to? (28.Nov.2007 4:13:46 PM)

quote:

I get confused b/c it is hard to differentiate btwn outbound and inbound.


Outbound = Messages my users are sending to external addresses.
Inbound = Messages that external people are sending to my users.
[:D] Does that help?

Okay, now to your main question. I'm not positive of this so you'll want to do some testing after you make these changes:

Open Exchange System Manager and drill down until you find your Exchange server's SMTP virtual server. Right click on it and choose "Properties". Click the "Access" tab. Click the "Connection" button. Add your ISP's IP's. (I don't think it will allow you to give it a subnet mask so you'll have to add each one individually. [1]) Make sure you have the option for accepting "only from the list below" checked. Now, that should mean that your server will only accept incoming messages from your ISP. So test it by sending a message via your ISP and then do another test using Hotmail or Yahoo mail or whatever.

Do you need to apply the same restriction to outbound messages? Because the above steps only restrict what IP's are allowed to send inbound to you.


[1] - By the way, are you sure the subnet mask is correct? For 210.123.123.0 with /21 (in other words, 255.255.248.0), I get that the range would be 210.123.120.0 to 210.123.127.255. Why would they tell you the third octet is 123 if the range starts at 120? Maybe I've got my calculations wrong?



rishishah -> RE: Incoming Mail from One Source - How to? (29.Nov.2007 12:59:25 AM)

agree with jassyca,

but you can also restrict on your firewall. Much safer and easier.

Also also the /21 means its 255.255.248.0... ask your ISP are they sure...this is a HUGE subnet

210.123.120.1 to 210.123.127.254      



raklein -> RE: Incoming Mail from One Source - How to? (3.Dec.2007 9:27:09 AM)

[:)] Thanks, that was the answer I was looking for, just needed that confirmation.  I made up the IP/Subnet - used as an example.  



jassyca -> RE: Incoming Mail from One Source - How to? (3.Dec.2007 2:40:27 PM)

Oh, duh, last thing.. once you've tested that your Exchange server only accepts messages from your ISP, you'll need to change your MX records. Now the bad part is, DNS changes could take up to 48 hours before they take affect. So you might want to take out the restriction until after your ISP says that they've made the necessary DNS changes.

No use cutting yourself off from the world for two days until after you've gotten word the changes are in place. [:D]



Page: [1]