Bryan Jones
Guest
|
 Posted:
Wed Dec 01, 2004 10:12 pm Post subject:
Multiple SMTP virtual servers - controlling outbound connect |
|
|
I am running an active/passive Exchange 2000 server. That is not exposed to
the Internet for any inbound connections. I use an SMTP gateway to protect
it.
I now have a situation with a branch office that cannot establish a VPN
connection directly to us, and requires use of local email clients (Outlook
Express), so I am trying to configure support for secure IMAP/SMTP email to
their clients.
I've already:
- added a new IP resource to the cluster
- created a second IMAP4 virtual server bound to the new IP
- created IMAP cluster resource
- installed certificate
- tested SSL successfully over port 993
Now I need to add the second SMTP virtual server. I can successfully:
- add the second virtual server bound to the second IP
- create SMTP cluster resource
- install certificate
- disable anonymous connections, etc
- tested SSL successfully on port 25.
Here's the problem, however... as soon as I create the second SMTP virtual
server, all my outbound SMTP queues for general Internet mail delivery begin
using this new SMTP virtual server. I only want outbound SMTP connections
to use the first SMTP virtual server.
As a side note, when the secure SMTP virtual server is running, if I try to
take it offline, the other SMTP virtual server cluster resource will fail.
Any suggestions on how to be able to take it offline without triggering
failure of the other virtual server resource?
Another side note: I found information regarding the apparent limitation in
Clustered Exchange 2000 that if you *require* SSL for an Exchange protocol
virtual server, it will fail the "is alive" checking due to an unrecognized
response during polling. Supposedly this is fixed in Exchange 2003, but is
there any workaround for Exchange 2000? In other words, I'd like the second
IMAP and second SMTP virtual servers to ONLY allow SSL connections so my
public exposure of the Exchange server is minimized.
|
|
Bryan Jones
Guest
|
| Posted:
Thu Dec 02, 2004 10:20 am Post subject:
Re: Multiple SMTP virtual servers - controlling outbound con |
|
|
You know... reading a document on managing SMTP, I wonder - is this just as
easy as creating a specific SMTP connector for the internet (SMTP address
space of "*") ?
Is that enough to ensure that any future created SMTP virtual servers don't
get selected to route outgoing Internet email?
"Bryan Jones" <bryan.jones@findwhat.com> wrote in message
news:evnpfC81EHA.1404@TK2MSFTNGP11.phx.gbl...
| Quote: | I am running an active/passive Exchange 2000 server. That is not exposed
to
the Internet for any inbound connections. I use an SMTP gateway to
protect
it.
I now have a situation with a branch office that cannot establish a VPN
connection directly to us, and requires use of local email clients
(Outlook
Express), so I am trying to configure support for secure IMAP/SMTP email
to
their clients.
I've already:
- added a new IP resource to the cluster
- created a second IMAP4 virtual server bound to the new IP
- created IMAP cluster resource
- installed certificate
- tested SSL successfully over port 993
Now I need to add the second SMTP virtual server. I can successfully:
- add the second virtual server bound to the second IP
- create SMTP cluster resource
- install certificate
- disable anonymous connections, etc
- tested SSL successfully on port 25.
Here's the problem, however... as soon as I create the second SMTP virtual
server, all my outbound SMTP queues for general Internet mail delivery
begin
using this new SMTP virtual server. I only want outbound SMTP connections
to use the first SMTP virtual server.
As a side note, when the secure SMTP virtual server is running, if I try
to
take it offline, the other SMTP virtual server cluster resource will fail.
Any suggestions on how to be able to take it offline without triggering
failure of the other virtual server resource?
Another side note: I found information regarding the apparent limitation
in
Clustered Exchange 2000 that if you *require* SSL for an Exchange protocol
virtual server, it will fail the "is alive" checking due to an
unrecognized
response during polling. Supposedly this is fixed in Exchange 2003, but
is
there any workaround for Exchange 2000? In other words, I'd like the
second
IMAP and second SMTP virtual servers to ONLY allow SSL connections so my
public exposure of the Exchange server is minimized.
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in