Exchange Server Forums
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
RE: MessageLabs & Exch 2003
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
 Limited time MSExchange.org offer! -- 1.Sep.2008 1:00:00 PM
|
|
TechGenix and SolarWinds have partnered to provide free copies of SolarWinds Exchange Monitor to all visitors who join the MSExchange.org Forums. SolarWinds Exchange Monitor is a handy desktop dashboard that continuously monitors Microsoft Exchange to deliver real-time insight into Exchange services, mail queue sizes, and host server health. Learn more about Exchange Monitor and the free offer!
|
RE: MessageLabs & Exch 2003 - 3.Dec.2007 2:00:05 PM
|
|
|
gstar1703
Posts: 79
Joined: 13.Apr.2005
From: UK
Status: offline
|
Hi Rishi, what an epic!
I fear the last paragraph of my last post may have been a Red herring, the email wasnt bounced, didnt arrive just lost!!
Anyway, your correct to say that the firewall is the default gateway and a tracert shows that the first hop for the Exch2003 server is the router on the WAN side so bypassing the firewall or simply not showing it as everything frmm LAN 2 WAN routes thru the firewall [I hope!!]
MessageLabs suggest following this method http://gary.brett.googlepages.com/exch2003 but I havent set my other office server like this and it works a treat with identical firewall setup except its 2000 OS instead of local 2003
Check out step 6, its bizarre as there are well over 700 different IPs behind the cluster3.eu.messagelabs.com cluster, it would take you days to implement that!!
I'm really lost here..
EDIT - I can successfully Telnet and send message via port 25 into the other office Exch 2003 server from my LAN here, but cannot do this in reverse! On both I sent the message from an external email address to a local Exch account, the remote was good, local returned the relay error!!
< Message edited by gstar1703 -- 3.Dec.2007 2:34:56 PM >
|
|
|
|
|
RE: MessageLabs & Exch 2003 - 3.Dec.2007 4:19:24 PM
|
|
|
rishishah
Posts: 576
Joined: 14.Nov.2006
From: Surrey, UK
Status: offline
|
We use Messagelabs in other areas and i always implement the IP address filtering at the firewall. I simply put in the DNS address they give and firewall goes the lookup each time to ensure that the IP Address matches and than allow it through. Hence you should not have to worry about putting in 700 IPs.... you may wish to ask them if they can carry out telnet tests with you while you are on the phone.
At that time check your firewall logs and also look at the SMTP Protocol queue and see what IP the connection comes from, ect.
If you are sure when you use telnet from your lan and the message is accepted, submitted and received for your LAN than all is okay on your Exchange side of things.
_____________________________
Rishi Shah, MCP
If an advice works, report this to the fourm so that others are more confident about it.
Want a quicker answer - than describe your issue in as much detail as possible and exactly what steps you have already taken.
|
|
|
|
|
RE: MessageLabs & Exch 2003 - 4.Dec.2007 4:20:34 AM
|
|
|
gstar1703
Posts: 79
Joined: 13.Apr.2005
From: UK
Status: offline
|
Hi again Rishi,
Just got off the phone to MessageLabs and he has suggested I ring MS to resolve. He tried to telnet in and got the relay message, I then added his IP to the Exchange relay config and he was able to send mail no problem. I ran through his Exchange server SMTP properties and they seemed identical to mine, so I am unsure how its an MS problem..
I may just have to fork out for a new server and a renewal on the SMTP filtering software to site between these 2, as it looks to be the end!!
Cheers
|
|
|
|
|
RE: MessageLabs & Exch 2003 - 4.Dec.2007 5:45:14 AM
|
|
|
rishishah
Posts: 576
Joined: 14.Nov.2006
From: Surrey, UK
Status: offline
|
In the mean time if you have any other SMTP server or Virtual Machine deploy an SMTP serveer on it and try it that way.
_____________________________
Rishi Shah, MCP
If an advice works, report this to the fourm so that others are more confident about it.
Want a quicker answer - than describe your issue in as much detail as possible and exactly what steps you have already taken.
|
|
|
|
|
RE: MessageLabs & Exch 2003 - 4.Dec.2007 5:46:00 AM
|
|
|
gstar1703
Posts: 79
Joined: 13.Apr.2005
From: UK
Status: offline
|
Hi,
In case this happens to anyone else I know the issue, just got to work out the resolve now! On my Exch box the "Recipient Policies | Default Policies | Email Addresses policy" has several domains that we own configured in there, ie @mydomain.co.uk, @corp.mydomain.co.uk etc.
Only one of these can be the default and that domain is the only one that we can send mail to from external users, all other domains error with relay.
I tried creating a connector [below] with no success, so will keep searching...
- created a SMTP connector
- select the local bridgehead as the Virtual SMTP server
- select the option "forward all mail through this connector to the following smart hosts" and put the IP address of the Virtual SMTP server in
- in the Address Space tab, put in the secondary domain(s) and check the box "Allow messages to be relayed to these domains"
Cant believe, Im on me fourth day of this!!
|
|
|
|
|
RE: MessageLabs & Exch 2003 - 4.Dec.2007 5:54:34 AM
|
|
|
rishishah
Posts: 576
Joined: 14.Nov.2006
From: Surrey, UK
Status: offline
|
Yes this is what i mentioned...if you server is authority for a domain and you receive mail for that domain than it is not mail relay but standard mail submission.
Although you can only have one default domain in the policy that does not mean the exchange server will not receive mail for any other domain correctly configured in the policy too.
Okay so lets concentrate on your Recipient policy. Any chance you can paste a screen shot of it.
_____________________________
Rishi Shah, MCP
If an advice works, report this to the fourm so that others are more confident about it.
Want a quicker answer - than describe your issue in as much detail as possible and exactly what steps you have already taken.
|
|
|
|
|
RE: MessageLabs & Exch 2003 - 4.Dec.2007 6:08:31 AM
|
|
|
gstar1703
Posts: 79
Joined: 13.Apr.2005
From: UK
Status: offline
|
OK, it looks like this names changed..
smtp - @corp.mydomain.co.uk
SMTP - @corp.mydomain1.co.uk
smtp - @corp.mydomain2.co.uk
smtp - @corp.mydomain3.co.uk
x400 - c=gb;a= ;p= COMPANY EXCHANGE etc etc
So when I route all mail from MessageLabs to Exchange only the @corp.mydomain1.co.uk is allowd through..
Does that make sense?
|
|
|
|
|
RE: MessageLabs & Exch 2003 - 4.Dec.2007 6:16:49 AM
|
|
|
rishishah
Posts: 576
Joined: 14.Nov.2006
From: Surrey, UK
Status: offline
|
I think i know why it worked with the other SMTP server (mail filtering stuff you had)... basically this was the authority for your 4 domains and as its IP Address was allowed relaying in the Exchange Server SMTP it could than relay all four domains to you.
Okay are there ticks in the E-Mail Address Policy Tab next to all 4 domains? If there are no ticks than Exchange will reject mail for that domain.
_____________________________
Rishi Shah, MCP
If an advice works, report this to the fourm so that others are more confident about it.
Want a quicker answer - than describe your issue in as much detail as possible and exactly what steps you have already taken.
|
|
|
|
|
RE: MessageLabs & Exch 2003 - 4.Dec.2007 6:33:35 AM
|
|
|
gstar1703
Posts: 79
Joined: 13.Apr.2005
From: UK
Status: offline
|
Rishi,
Yes all ticked no problem, I then restarted the Exchange services and all appears to be OK.. All domains are now coming through OK, I would like to thankyou for sticking with this, really appreciate your time.
Thanx
Gary
|
|
|
|
|
RE: MessageLabs & Exch 2003 - 4.Dec.2007 6:48:14 AM
|
|
|
rishishah
Posts: 576
Joined: 14.Nov.2006
From: Surrey, UK
Status: offline
|
No worries at all. Glad its all resolved now.
Dont forget to take down all the screen shots you put of your Exchange Server in google.
Also if you can have a look at the entire thread as i do mention that you have three large subnets being allowed to relay through your Exchange Server. This is a huge security risk and could cause you problems if any of your servers of desktops were "hacked into".
What i do suggest is that you look at what servers need to relay (i.e. send mail to OUTSIDE all 4 of your domains) and only put thier IP Address in the relay section of the SMTP Protocol.
All clients that use Exchange (OWA/MAPI Outlook and Outlook RPC/HTTPS) are not relaying but simply sending mail via Exchange and hence they do not need to be on the relay list.
However if anybody is using POP3 or IMPA in your org than they do need Mail relay capability.
_____________________________
Rishi Shah, MCP
If an advice works, report this to the fourm so that others are more confident about it.
Want a quicker answer - than describe your issue in as much detail as possible and exactly what steps you have already taken.
|
|
|
|
|
RE: MessageLabs & Exch 2003 - 4.Dec.2007 8:44:49 AM
|
|
|
gstar1703
Posts: 79
Joined: 13.Apr.2005
From: UK
Status: offline
|
Hi Rishi,
If I removed the 3 internal domains under the Relay tab of the SMTP config wouldnt that affect LAN users sending mail via Outlook? We have a simple setup whereby all internal staff in both offices send/receive through Exchange via Outlook, with the odd external user via OWA. Our webservers send mail directly via eu.messagelabs.com.
I guess I could remove them and see what happens!
|
|
|
|
|
RE: MessageLabs & Exch 2003 - 4.Dec.2007 9:31:40 AM
|
|
|
rishishah
Posts: 576
Joined: 14.Nov.2006
From: Surrey, UK
Status: offline
|
If you users use Outlook via MAPI or OWA (no POP3 or IMAP4) than you dont need the internal mail relay.
_____________________________
Rishi Shah, MCP
If an advice works, report this to the fourm so that others are more confident about it.
Want a quicker answer - than describe your issue in as much detail as possible and exactly what steps you have already taken.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
