Hi Guys,
Im Jamie, Firstly i did try and search before i posted but apparently the words internal relay were too common.
I recently started a new role at a company where the last admin died and the whole system was left unchecked for coming on two years. I have next to no documentation.
Anyway were currently being hammered by SPAM. So im trying to put your solution in place
I have to implement it in the exchange environment and could just do with some advice;
currently multiple offices share the same the same SMTP address space.
So our domain comes in;
joe.bloggs@mydomain.com >>> Exchange Server One >>>
This exchange server then checks the mailbox exists on this server and if not passes on via internal relay i believe to the next server.
So we have
Exchange Server One - that relays too; "exchange server 2" / "exchange server 3" and "exchange server 4"
i only want to deploy the spam solution to exchange server "exchange server 4"
so i am assuming i would have to have the internal relay point too my "EFA" VM
then the EFA configured to pass my to "exchange server 4"
am i correct? so in my EFA configuration, id have;
accept mail from: "exchange server 1"
ANTISPAM
Pass email through too: "exchange server 4"
Am i correct or am i missing something?
Regards
Cap
Multiple Exchange Environment Configuration
Re: Multiple Exchange Environment Configuration
I realise ideally putting the EFA server before Exchange 1 would be best practice, I just wanted to to EFA on exchange 4 to see how it worked. Now it seems like
" you will lose the ability to detect an incoming message based on sender's IP."
is going to scupper that plan.
my question is;
i will leave my MX Record as it is; but change the NAT on my router so the external ip reflected in the MX record now instead point to my EFA Server.
Then the EFA Server Sends this mail to "exchange 1" and the email process totally the same from this point onwards except hopefully we have less SPAM.
Im worried now that putting EFA in place as above will cause an issue with me sending out;
what exactly will i need to change on my exchange server.To stop any issues with outgoing mail. im not 100% how mail goes out, does it go back out via the hub or does each individual exchange server send out. im guessing the latter but i dont know how to prove that and i see no documentation that states such.
but that being said i have had times when "exchange server 4" wont send out but all other servers are ok. so does this mean just that?
" it must have a public IP, an A record and a PTR record for its public IP so that it doesn't get blocked"
wouldn't this already exist in order to mail to be sent outbound already? some sort of outbound route in the firewall which allows "exchange server 4" to send emails on SMTP via external IP address (which is the same as one on the domains MX record?)
or when sending does all the mail pass back to "Exchange Server 1" to go out?
Regards
Cap
" you will lose the ability to detect an incoming message based on sender's IP."
is going to scupper that plan.
my question is;
i will leave my MX Record as it is; but change the NAT on my router so the external ip reflected in the MX record now instead point to my EFA Server.
Then the EFA Server Sends this mail to "exchange 1" and the email process totally the same from this point onwards except hopefully we have less SPAM.
Im worried now that putting EFA in place as above will cause an issue with me sending out;
what exactly will i need to change on my exchange server.To stop any issues with outgoing mail. im not 100% how mail goes out, does it go back out via the hub or does each individual exchange server send out. im guessing the latter but i dont know how to prove that and i see no documentation that states such.
but that being said i have had times when "exchange server 4" wont send out but all other servers are ok. so does this mean just that?
" it must have a public IP, an A record and a PTR record for its public IP so that it doesn't get blocked"
wouldn't this already exist in order to mail to be sent outbound already? some sort of outbound route in the firewall which allows "exchange server 4" to send emails on SMTP via external IP address (which is the same as one on the domains MX record?)
or when sending does all the mail pass back to "Exchange Server 1" to go out?
Regards
Cap
-
shawniverson
- Posts: 3783
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: Multiple Exchange Environment Configuration
How does your exchange currently relay mail?
(EFA does not have to be involved with outbound mail flow)
(EFA does not have to be involved with outbound mail flow)
Re: Multiple Exchange Environment Configuration
Good question. As I may or may not have explained I have basically inherited an organisation with no documentation what so ever and I'm having to work things out as I go.
Now I assume that each exchange server sends out its self. As I have had exchange servers be Down and unable to send while others are perfectly fine.
However I have no real way of confirming this. Do you know anything I can do to test the outbound mail and see the route in which it takes?
Now I assume that each exchange server sends out its self. As I have had exchange servers be Down and unable to send while others are perfectly fine.
However I have no real way of confirming this. Do you know anything I can do to test the outbound mail and see the route in which it takes?
-
shawniverson
- Posts: 3783
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: Multiple Exchange Environment Configuration
Yes 
Send an email out from your Exchange to, say Google or some other 3rd party you have access to view.
Look at the email header and see which address and server it originates from and that should help.
Send an email out from your Exchange to, say Google or some other 3rd party you have access to view.
Look at the email header and see which address and server it originates from and that should help.