Win2K3 as an SMTP forwarder?

#1
Hi all. I'm new here.

Got a question, I am currently admining a small domain, running a win2k3 DC/Infrastructure box, a file server and an Exchange 2003 server.
I'm trying to set up a Win2k3 server that straddles our firewall with an external interface with a public IP (mail.company.com and the MX resolve to this external address) and an internal interface on our LAN. I want to use this as an SMTP forwarder that passes all incoming messages to the exchange server.
Ultimately I will be isntalling ISA 2004 on this box as well and using it as an RPC over HTTP proxy for the exchange box, as well as to publish OWA externally.

So this first step here is just getting the smtp service properly configured to route messages incomming on the external interface to the exchange server on the internal interface.

any suggestions, critisizm or alternate ideas would rock!

J
 

fitz

Woah.. I'm still here?
Staff member
Political User
#2
umm.. why not just install ISA server in a DMZ configuration and use ISA to handle your SMTP traffic?
 
#3
fitz said:
umm.. why not just install ISA server in a DMZ configuration and use ISA to handle your SMTP traffic?
That's the plan, but I figured I needed to have the SMTP service set up on the box already.
I'm not so familliar with ISA 2004 yet, so pardon my ignorance.

would you still have a "straddling" set-up or would you jsut route from the DMZ into the LAN.

I'm using a Pix515E to handle the LAN perimeter and can set up a DMZ on the third interface if need-be.

Also, do you think that will cause issues with the RPC proxy on the ISA box?
 

fitz

Woah.. I'm still here?
Staff member
Political User
#4
Here is a nice article on setting up the SMTP filter on an ISA server.

Also, www.isaserver.org has a LOT of good articles and can teach you pretty much anything you wanted to know.

Personally, I would put the ISA box strictly in the DMZ only and configure your PIX to forward the traffic on port 25 on the external interface to the DMZ and traffic from yoru DMZ to the LAN over port 25.

edit: isaserver.org is run by Thomas Shinder who is considered by many to be one of the 'gods' of ISA Server. Go pick up his books too - good reading and info in his books.
 

Members online

No members online now.

Latest posts

Latest profile posts

Perris Calderon wrote on Electronic Punk's profile.
Ep, glad to see you come back and tidy up...did want to ask a one day favor, I want to enhance my resume , was hoping you could make me administrator for a day, if so, take me right off since I won't be here to do anything, and don't know the slightest about the board, but it would be nice putting "served administrator osnn", if can do, THANKS

Been running around Quora lately, luv it there https://tinyurl.com/ycpxl
Electronic Punk wrote on Perris Calderon's profile.
All good still mate?
Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,971
Messages
673,300
Members
89,016
Latest member
Poseeut