setting up an IIS server to relay email to Exchange in DMZ, through two ISA firewalls.

Hello
Sorry about the big mail list, but my question involves 3 different 
expertise, so I am not sure where to post.

In a nutshell what I am trying to do is the following.
a) Get IIS, in an anonymous access DMZ, to pick email from my ISP through an 
ISA server 2004 firewall
I haven't figured out yet how to get the mail server to pick up email, I 
could publish the SMTP server on the external firewall, but all email is 
currently being sent to my ISP and I quite like this because they can take 
care of a lot of spam filtering, virus etc. problems for me.

b) I then want IIS to forward the email to an internal exchange server 
(through another ISA firewall)
I am trying to setup IIS to relay email. when I configure SMTP I get the 
error "the domain name is not valid". I am setting up a domain and selecting 
forward all email to smarthost, but when I check this option and type in the 
IP address of the Exchange server, this is the error I get. It will be 
picking up email destined for three different comains x.com , y.com and 
z.com. The domain name for the Windows domain that needs to accept these 
emails is called b.com. is this going to be a problem? I have not set up 
anything on the Exchange server yet (should I be doing this first?)

c) Theoretically Exchange should then deliver the incoming mail to the 
indovodual users. I have configured the exchange policies such that all 
users have the appropriate associated SMTP email addresses against their 
user names, so hopefully this should just work.

Sorry for all the questions, I seem to have half answers for most issues, 
but just can't seem to get there.

Thanks to anyone who profers help/advice.

Saira

The users in Exchange 


0
Saira6328 (18)
3/1/2006 6:32:59 PM
exchange.admin 57650 articles. 2 followers. Follow

21 Replies
704 Views

Similar Articles

[PageSpeed] 52

On Wed, 1 Mar 2006 18:32:59 -0000, "Saira" <Saira@BayonetVentures.com>
wrote:

>Hello
>Sorry about the big mail list, but my question involves 3 different 
>expertise, so I am not sure where to post.
>
>In a nutshell what I am trying to do is the following.
>a) Get IIS, in an anonymous access DMZ, to pick email from my ISP through an 
>ISA server 2004 firewall
>I haven't figured out yet how to get the mail server to pick up email, I 
>could publish the SMTP server on the external firewall, but all email is 
>currently being sent to my ISP and I quite like this because they can take 
>care of a lot of spam filtering, virus etc. problems for me.

Your IIS server won't do any picking up of email. You would need a 3rd
party POP3 connector on that server to collect the mail and deliver it
to a local SMTP server. That server has the anti virus and spam
solution on it and will forward it to the Exchange server.

>
>b) I then want IIS to forward the email to an internal exchange server 
>(through another ISA firewall)
>I am trying to setup IIS to relay email. when I configure SMTP I get the 
>error "the domain name is not valid". I am setting up a domain and selecting 
>forward all email to smarthost, but when I check this option and type in the 
>IP address of the Exchange server, this is the error I get. It will be 
>picking up email destined for three different comains x.com , y.com and 
>z.com. The domain name for the Windows domain that needs to accept these 
>emails is called b.com. is this going to be a problem? I have not set up 
>anything on the Exchange server yet (should I be doing this first?)
>
>c) Theoretically Exchange should then deliver the incoming mail to the 
>indovodual users. I have configured the exchange policies such that all 
>users have the appropriate associated SMTP email addresses against their 
>user names, so hopefully this should just work.
>
>Sorry for all the questions, I seem to have half answers for most issues, 
>but just can't seem to get there.
>
>Thanks to anyone who profers help/advice.
>
>Saira
>
>The users in Exchange 
>
I'm a bit lost as to why you want an IIS server in a DMZ and then have
two ISA's. I'm not even sure why you want 2 ISA's. Who has told you
that you should do all this? It's a big waste of hardware for no
tangible gain in security.

0
mark7219 (5666)
3/1/2006 6:51:16 PM
> In a nutshell what I am trying to do is the following.
> a) Get IIS, in an anonymous access DMZ, to pick email from my ISP through 
> an ISA server 2004 firewall
> I haven't figured out yet how to get the mail server to pick up email, I 
> could publish the SMTP server on the external firewall, but all email is 
> currently being sent to my ISP and I quite like this because they can take 
> care of a lot of spam filtering, virus etc. problems for me.

You cannot do this with IIS alone. You will need a POP3 connector that 
integrates with your Exchange instance and retrieves mail from your ISP (I 
assume the ISP is using POP3 for message retrieval). In this case there is 
no need for point b) below.


> b) I then want IIS to forward the email to an internal exchange server 
> (through another ISA firewall)

You don't need this if you install and configure the POP3 connector on the 
Exchange server itself. Here's an example of such a connector that 
integrates natively with Exchange 2000/2003:
http://www.mapilab.com/exchange/pop3_connector/

Not too expensive either by comparison with other products of this nature.


> I am trying to setup IIS to relay email. when I configure SMTP I get the 
> error "the domain name is not valid". I am setting up a domain and 
> selecting forward all email to smarthost, but when I check this option and 
> type in the IP address of the Exchange server, this is the error I get.

This should not be a problem, but check your DNS configuration carefully for 
errors.


> It will be picking up email destined for three different comains x.com , 
> y.com and z.com. The domain name for the Windows domain that needs to 
> accept these emails is called b.com. is this going to be a problem? I have 
> not set up anything on the Exchange server yet (should I be doing this 
> first?)

Yes you need to set up Exchange to accept messages for all three domains - 
this is being done mainly through Recipient Policies in the Exchange System 
Manager.

Virgil



>
> c) Theoretically Exchange should then deliver the incoming mail to the 
> indovodual users. I have configured the exchange policies such that all 
> users have the appropriate associated SMTP email addresses against their 
> user names, so hopefully this should just work.
>
> Sorry for all the questions, I seem to have half answers for most issues, 
> but just can't seem to get there.
>
> Thanks to anyone who profers help/advice.
>
> Saira
>
> The users in Exchange
> 


0
3/1/2006 7:38:02 PM
If Exchange is only recieving from the IIS SMTP (pushed to Exchange from
IIS) it doesn't need the connector.  The connector is required if Exchange
"polls" (pulled from IIS to Exchange) the IIS/SMTP for the mail as a "POP3
Client".

I use IIS/SMTP to relay to Exchange myself.  The IIS/SMTP box runs a Spam
Filtering system that processes the incomming mail, then passes it on to the
Exchange.  There was nothing to configure on Exchange,..Exchange is
completely "oblivous" to what is happening.

It sounds to me like the IIS/SMTP Service is just simply missconfigured.
The question should be answered in an IIS Group, not ISA.  ISA has nothing
to do with it,..the fact that it is going through an ISA as a result of
Publishing is irrelevant.

-- 
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com


"ZVR" <no_spam_ever@me.local> wrote in message
news:4405f815$0$5488$9a6e19ea@unlimited.newshosting.com...
> > In a nutshell what I am trying to do is the following.
> > a) Get IIS, in an anonymous access DMZ, to pick email from my ISP
through
> > an ISA server 2004 firewall
> > I haven't figured out yet how to get the mail server to pick up email, I
> > could publish the SMTP server on the external firewall, but all email is
> > currently being sent to my ISP and I quite like this because they can
take
> > care of a lot of spam filtering, virus etc. problems for me.
>
> You cannot do this with IIS alone. You will need a POP3 connector that
> integrates with your Exchange instance and retrieves mail from your ISP (I
> assume the ISP is using POP3 for message retrieval). In this case there is
> no need for point b) below.
>
>
> > b) I then want IIS to forward the email to an internal exchange server
> > (through another ISA firewall)
>
> You don't need this if you install and configure the POP3 connector on the
> Exchange server itself. Here's an example of such a connector that
> integrates natively with Exchange 2000/2003:
> http://www.mapilab.com/exchange/pop3_connector/
>
> Not too expensive either by comparison with other products of this nature.
>
>
> > I am trying to setup IIS to relay email. when I configure SMTP I get the
> > error "the domain name is not valid". I am setting up a domain and
> > selecting forward all email to smarthost, but when I check this option
and
> > type in the IP address of the Exchange server, this is the error I get.
>
> This should not be a problem, but check your DNS configuration carefully
for
> errors.
>
>
> > It will be picking up email destined for three different comains x.com ,
> > y.com and z.com. The domain name for the Windows domain that needs to
> > accept these emails is called b.com. is this going to be a problem? I
have
> > not set up anything on the Exchange server yet (should I be doing this
> > first?)
>
> Yes you need to set up Exchange to accept messages for all three domains -
> this is being done mainly through Recipient Policies in the Exchange
System
> Manager.
>
> Virgil
>
>
>
> >
> > c) Theoretically Exchange should then deliver the incoming mail to the
> > indovodual users. I have configured the exchange policies such that all
> > users have the appropriate associated SMTP email addresses against their
> > user names, so hopefully this should just work.
> >
> > Sorry for all the questions, I seem to have half answers for most
issues,
> > but just can't seem to get there.
> >
> > Thanks to anyone who profers help/advice.
> >
> > Saira
> >
> > The users in Exchange
> >
>
>


0
Phillip
3/1/2006 8:15:09 PM
"Phillip Windell" <@.> wrote in message 
news:%23OkOYzWPGHA.1360@TK2MSFTNGP10.phx.gbl...
> If Exchange is only recieving from the IIS SMTP (pushed to Exchange from
> IIS) it doesn't need the connector.  The connector is required if Exchange
> "polls" (pulled from IIS to Exchange) the IIS/SMTP for the mail as a "POP3
> Client".

I know what you mean, however from the original post I got the impression 
that the mailboxes are currently hosted at the ISP which performs all kind 
of processing on them and also "stores" the messages in which case a POP3 
connector would be required. If the ISP does not "store" the mailboxes and 
simply passes everything on to the IIS relay after applying some anti-virus 
filtering and so on, then the POP3 connector would be unnecessary as you 
pointed out.

Virgil


0
3/1/2006 9:57:25 PM
Ok,..well we'll have to wait and see how they respond back. Maybe they will
clarify it then.

-- 
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com



"ZVR" <no_spam_ever@me.local> wrote in message
news:440618bd$0$28053$9a6e19ea@unlimited.newshosting.com...
> "Phillip Windell" <@.> wrote in message
> news:%23OkOYzWPGHA.1360@TK2MSFTNGP10.phx.gbl...
> > If Exchange is only recieving from the IIS SMTP (pushed to Exchange from
> > IIS) it doesn't need the connector.  The connector is required if
Exchange
> > "polls" (pulled from IIS to Exchange) the IIS/SMTP for the mail as a
"POP3
> > Client".
>
> I know what you mean, however from the original post I got the impression
> that the mailboxes are currently hosted at the ISP which performs all kind
> of processing on them and also "stores" the messages in which case a POP3
> connector would be required. If the ISP does not "store" the mailboxes and
> simply passes everything on to the IIS relay after applying some
anti-virus
> filtering and so on, then the POP3 connector would be unnecessary as you
> pointed out.
>
> Virgil
>
>


0
Phillip
3/1/2006 10:51:33 PM
Either way it's crazy. Why would one use IIS to redirect mail,  if POP 
connector to the ISP is gonna be used?
He's publishing the mail server with ISA anyways, so I gues he's best bet 
would be to configure exchange to only receive email from ISP's smtp 
server(and for "filtering" to use as a smart host for sending as well), 
after Exchange have been published through ISA!

Julian Dragut



"Phillip Windell" <@.> wrote in message 
news:O2DLxKYPGHA.456@TK2MSFTNGP15.phx.gbl...
> Ok,..well we'll have to wait and see how they respond back. Maybe they 
> will
> clarify it then.
>
> -- 
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
>
>
>
> "ZVR" <no_spam_ever@me.local> wrote in message
> news:440618bd$0$28053$9a6e19ea@unlimited.newshosting.com...
>> "Phillip Windell" <@.> wrote in message
>> news:%23OkOYzWPGHA.1360@TK2MSFTNGP10.phx.gbl...
>> > If Exchange is only recieving from the IIS SMTP (pushed to Exchange 
>> > from
>> > IIS) it doesn't need the connector.  The connector is required if
> Exchange
>> > "polls" (pulled from IIS to Exchange) the IIS/SMTP for the mail as a
> "POP3
>> > Client".
>>
>> I know what you mean, however from the original post I got the impression
>> that the mailboxes are currently hosted at the ISP which performs all 
>> kind
>> of processing on them and also "stores" the messages in which case a POP3
>> connector would be required. If the ISP does not "store" the mailboxes 
>> and
>> simply passes everything on to the IIS relay after applying some
> anti-virus
>> filtering and so on, then the POP3 connector would be unnecessary as you
>> pointed out.
>>
>> Virgil
>>
>>
>
> 


0
3/2/2006 4:32:32 AM
We're not publishing Exchange through ISA, and we do not want to expose our 
internal Exchange server to the internet.
One option that we did have was to put in place another Exchange server in 
the DMZ, in this case we would have used a POP Connector to contact the ISP 
and the email would then have gone through to the backend server, however 
this is not our setup.What we actually have is an IIS server in a DMZ and an 
Exchange server on the internal LAN. My questions was:
What is the best way to get mail from the ISP into the DMZ (yes, the ISP 
stores the email in mailboxes, so from previous feedback, it looks like the 
opinion is that I will need a POP connector to get the mail down).

Once the email gets to the IIS Server I need it to be relayed to the 
internal Exchange server (this is where I am getting the IIS SMTP 
configuration error). My main question here, was how do I make sure that all 
mail for all three domains gets forwarded through to the internal Exchange 
server.

We already have our internal mailboxes configured via recipient policies to 
receive mail from the various different domains, but I was not sure whether 
this was all I needed to do.


"Julian Dragut" <julian.dragut@itsm.ca> wrote in message 
news:u%23CpCJbPGHA.3272@tk2msftngp13.phx.gbl...
> Either way it's crazy. Why would one use IIS to redirect mail,  if POP 
> connector to the ISP is gonna be used?
> He's publishing the mail server with ISA anyways, so I gues he's best bet 
> would be to configure exchange to only receive email from ISP's smtp 
> server(and for "filtering" to use as a smart host for sending as well), 
> after Exchange have been published through ISA!
>
> Julian Dragut
>
>
>
> "Phillip Windell" <@.> wrote in message 
> news:O2DLxKYPGHA.456@TK2MSFTNGP15.phx.gbl...
>> Ok,..well we'll have to wait and see how they respond back. Maybe they 
>> will
>> clarify it then.
>>
>> -- 
>> Phillip Windell [MCP, MVP, CCNA]
>> www.wandtv.com
>>
>>
>>
>> "ZVR" <no_spam_ever@me.local> wrote in message
>> news:440618bd$0$28053$9a6e19ea@unlimited.newshosting.com...
>>> "Phillip Windell" <@.> wrote in message
>>> news:%23OkOYzWPGHA.1360@TK2MSFTNGP10.phx.gbl...
>>> > If Exchange is only recieving from the IIS SMTP (pushed to Exchange 
>>> > from
>>> > IIS) it doesn't need the connector.  The connector is required if
>> Exchange
>>> > "polls" (pulled from IIS to Exchange) the IIS/SMTP for the mail as a
>> "POP3
>>> > Client".
>>>
>>> I know what you mean, however from the original post I got the 
>>> impression
>>> that the mailboxes are currently hosted at the ISP which performs all 
>>> kind
>>> of processing on them and also "stores" the messages in which case a 
>>> POP3
>>> connector would be required. If the ISP does not "store" the mailboxes 
>>> and
>>> simply passes everything on to the IIS relay after applying some
>> anti-virus
>>> filtering and so on, then the POP3 connector would be unnecessary as you
>>> pointed out.
>>>
>>> Virgil
>>>
>>>
>>
>>
>
> 


0
Saira6328 (18)
3/2/2006 10:34:44 AM
> What is the best way to get mail from the ISP into the DMZ (yes, the ISP 
> stores the email in mailboxes, so from previous feedback, it looks like 
> the opinion is that I will need a POP connector to get the mail down).

Yes you will. However! As I was saying in my previous email, if you 
integrate a POP3 connector into your internal Exchange instance, you will 
not need this intermediate DMZ step, period. The reason being that the 
internal Exchange can connect to your ISP and retrieve the POP3 mail 
directly, then route the messages to the appropriate mailboxes. Nowhere in 
this scenario are you "exposing" the internal Exchange machine - there will 
be no "incoming" connections to it, just outgoing requests made from the 
POP3 connector to your ISP mail servers. This is as secure at it can be - 
you only need to allow outbound access through your firewalls for the ISP 
IP(s), for the POP3 protocol.

> Once the email gets to the IIS Server I need it to be relayed to the 
> internal Exchange server (this is where I am getting the IIS SMTP 
> configuration error).

This type of configuration is actually even less secure than what I am 
suggesting because you need to allow traffic from the DMZ into the internal 
network space, so if your DMZ ever gets compromised, the offenders will have 
a direct access path into your SMTP service. Still secure enough if you ask 
me, but just pointing out for the sake of the design that integrating the 
POP3 connector into your internal Exchange instance is probably the best 
option security-wise.

Virgil


0
3/2/2006 2:56:56 PM
Kinda long,...read it all.

"Saira" <Saira@BayonetVentures.com> wrote in message
news:ORZNtTePGHA.3936@TK2MSFTNGP12.phx.gbl...
> and we do not want to expose our
> internal Exchange server to the internet.

Why not? If you publish it from ISA (followed by the "outer" firewall doing
a Static NAT to the ISA) you are only exposing the SMTP service which isn't
any different (or worse) than using an SMTP service in the DMZ.

> One option that we did have was to put in place another Exchange server in
> the DMZ, in this case we would have used a POP Connector to contact the
ISP
> and the email would then have gone through to the backend server, however
> this is not our setup.

Yes you could do that, but (in my opinion) this whole method is based on
needless paranoia and on top of that the Admin doing it has to buy ($$$$) 2
Exchange Servers to perform a "single" job that could have just as easily
and safely been done with one Exchange.

> What we actually have is an IIS server in a DMZ and an
> Exchange server on the internal LAN. My questions was:
> What is the best way to get mail from the ISP into the DMZ (yes, the ISP
> stores the email in mailboxes, so from previous feedback, it looks like
the
> opinion is that I will need a POP connector to get the mail down).

Then you have exactly what I thought you did.  *IF* you need a POP3
Connector it would have to go on the IIS/SMTP in the DMZ (not the Exchange
machine) so it could interact with the ISP's system. However I don't think
there is such a thing.  There isn't even a POP3 Service with IIS until you
get to the one with Server2003,...and a POP3 Service is not the same thing
as a POP3 Connector, which as far as I know is an "Exchange only" item.

Now with all that said,...you don't need a POP3 Connector.  The ISP's SMTP
Server will use *SMTP* (not POP3) to send whatever it gets to the "outer
firewall's external IP#,...the firewall using Static NAT will pass it on to
the IIS/SMTP in the DMZ.  The IIS/SMTP does a "rinse & repeat" of what the
ISP did and simply forward everything it recieves to the ISA's external IP#
where the Publishing Rule grabs it and passes it to the Exchange Server.
The Exchange Server is the one with the "brains" and will determine what to
do with the messages and if they even really belong there.

> Once the email gets to the IIS Server I need it to be relayed to the
> internal Exchange server (this is where I am getting the IIS SMTP
> configuration error). My main question here, was how do I make sure that
all
> mail for all three domains gets forwarded through to the internal Exchange
> server.

1. In the MMC below the  IIS/SMTP Virtual Server there is a Domains
Object,...in it you have to list all the Domains you are dealing with (do
not include the "@"). Make sure they aren't spelled wrong.

    a. Then in the Properties of each of those Domain (not counting the
Local
        Default one),...enable "Allow the mail to be relayed to this domain"
    b. Then enable "Forward all mail to Smarthost" and give it the external
        ISA's IP# and enclose it in square brackets.
    c. Leave everything else blank. Leave the Advanced Tab blank. Leave
        "Outbound Security" set to anonymous.

2. Then in the Properties of the IIS/SMTP Virtual Server go to the Access
Tab, then the Relay button.  Select "Only the list below",..then leave the
list blank. At the bottom Select the "Allow Computer that successfully
authenticate".

But this group is supposed to be about configuring and troubleshooting
ISA,...not IIS/SMTP.  But then you crossposted to about a million other
groups.

> We already have our internal mailboxes configured via recipient policies
to > receive mail from the various different domains, but I was not sure
whether > this was all I needed to do.

Yes, as far as Exchange is concerned,...that is all you do.  Exchange only
cares about what to do with the mail once it arrives (hence the Recipient
Policy), but Exchange couldn't care less how the mail found its way to the
server.

-- 
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

Deployment Guidelines for ISA Server 2004 Enterprise Edition
http://www.microsoft.com/technet/prodtechnol/isa/2004/deploy/dgisaserver.mspx
-----------------------------------------------------





0
Phillip
3/2/2006 3:00:40 PM
Thank you Phillip and Virgil
It is a very long thread, I didn't realise what I was starting when I 
posted!!

What you are saying makes sense, I must admit I am trying to listen to all 
sides (some of whom say it is a bad idea to allow your Exchange server to 
interact directly with the internet).

If I am to publish my Exchange server to the outer firewall (I am working in 
a back to back scenario), do you have any idea on how to do this? I can see 
how to do this if Exchange was in the DMZ, but not in the internal LAN. I 
assume that if I do this, I am basically done and dusted  as Exchange will 
receive all the email and I will then just need to enable the firewall to 
allow outgoing SMTP from Exchange and that's it....

Saira


"Phillip Windell" <@.> wrote in message 
news:uzVbTogPGHA.1124@TK2MSFTNGP10.phx.gbl...
> Kinda long,...read it all.
>
> "Saira" <Saira@BayonetVentures.com> wrote in message
> news:ORZNtTePGHA.3936@TK2MSFTNGP12.phx.gbl...
>> and we do not want to expose our
>> internal Exchange server to the internet.
>
> Why not? If you publish it from ISA (followed by the "outer" firewall 
> doing
> a Static NAT to the ISA) you are only exposing the SMTP service which 
> isn't
> any different (or worse) than using an SMTP service in the DMZ.
>
>> One option that we did have was to put in place another Exchange server 
>> in
>> the DMZ, in this case we would have used a POP Connector to contact the
> ISP
>> and the email would then have gone through to the backend server, however
>> this is not our setup.
>
> Yes you could do that, but (in my opinion) this whole method is based on
> needless paranoia and on top of that the Admin doing it has to buy ($$$$) 
> 2
> Exchange Servers to perform a "single" job that could have just as easily
> and safely been done with one Exchange.
>
>> What we actually have is an IIS server in a DMZ and an
>> Exchange server on the internal LAN. My questions was:
>> What is the best way to get mail from the ISP into the DMZ (yes, the ISP
>> stores the email in mailboxes, so from previous feedback, it looks like
> the
>> opinion is that I will need a POP connector to get the mail down).
>
> Then you have exactly what I thought you did.  *IF* you need a POP3
> Connector it would have to go on the IIS/SMTP in the DMZ (not the Exchange
> machine) so it could interact with the ISP's system. However I don't think
> there is such a thing.  There isn't even a POP3 Service with IIS until you
> get to the one with Server2003,...and a POP3 Service is not the same thing
> as a POP3 Connector, which as far as I know is an "Exchange only" item.
>
> Now with all that said,...you don't need a POP3 Connector.  The ISP's SMTP
> Server will use *SMTP* (not POP3) to send whatever it gets to the "outer
> firewall's external IP#,...the firewall using Static NAT will pass it on 
> to
> the IIS/SMTP in the DMZ.  The IIS/SMTP does a "rinse & repeat" of what the
> ISP did and simply forward everything it recieves to the ISA's external 
> IP#
> where the Publishing Rule grabs it and passes it to the Exchange Server.
> The Exchange Server is the one with the "brains" and will determine what 
> to
> do with the messages and if they even really belong there.
>
>> Once the email gets to the IIS Server I need it to be relayed to the
>> internal Exchange server (this is where I am getting the IIS SMTP
>> configuration error). My main question here, was how do I make sure that
> all
>> mail for all three domains gets forwarded through to the internal 
>> Exchange
>> server.
>
> 1. In the MMC below the  IIS/SMTP Virtual Server there is a Domains
> Object,...in it you have to list all the Domains you are dealing with (do
> not include the "@"). Make sure they aren't spelled wrong.
>
>    a. Then in the Properties of each of those Domain (not counting the
> Local
>        Default one),...enable "Allow the mail to be relayed to this 
> domain"
>    b. Then enable "Forward all mail to Smarthost" and give it the external
>        ISA's IP# and enclose it in square brackets.
>    c. Leave everything else blank. Leave the Advanced Tab blank. Leave
>        "Outbound Security" set to anonymous.
>
> 2. Then in the Properties of the IIS/SMTP Virtual Server go to the Access
> Tab, then the Relay button.  Select "Only the list below",..then leave the
> list blank. At the bottom Select the "Allow Computer that successfully
> authenticate".
>
> But this group is supposed to be about configuring and troubleshooting
> ISA,...not IIS/SMTP.  But then you crossposted to about a million other
> groups.
>
>> We already have our internal mailboxes configured via recipient policies
> to > receive mail from the various different domains, but I was not sure
> whether > this was all I needed to do.
>
> Yes, as far as Exchange is concerned,...that is all you do.  Exchange only
> cares about what to do with the mail once it arrives (hence the Recipient
> Policy), but Exchange couldn't care less how the mail found its way to the
> server.
>
> -- 
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
> -----------------------------------------------------
> Understanding the ISA 2004 Access Rule Processing
> http://www.isaserver.org/articles/ISA2004_AccessRules.html
>
> Troubleshooting Client Authentication on Access Rules in ISA Server 2004
> http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc
>
> Microsoft Internet Security & Acceleration Server: Guidance
> http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
> http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp
>
> Microsoft Internet Security & Acceleration Server: Partners
> http://www.microsoft.com/isaserver/partners/default.asp
>
> Deployment Guidelines for ISA Server 2004 Enterprise Edition
> http://www.microsoft.com/technet/prodtechnol/isa/2004/deploy/dgisaserver.mspx
> -----------------------------------------------------
>
>
>
>
> 


0
Saira6328 (18)
3/2/2006 3:15:20 PM
"Saira" <Saira@BayonetVentures.com> wrote in message
news:exIUgwgPGHA.3896@TK2MSFTNGP15.phx.gbl...
> What you are saying makes sense, I must admit I am trying to listen to all
> sides (some of whom say it is a bad idea to allow your Exchange server to
> interact directly with the internet).

I always enjoy "poking" at the guys that believe that.  Just for their
enjoyment,...my Exchange is Published directly to the internet (before I
added the Spam Filtering machine) and I do not run any DMZ at all,...and
probably never will.
A LAN can be made perfectly secure without a DMZ.

> If I am to publish my Exchange server to the outer firewall (I am working
in
> a back to back scenario), do you have any idea on how to do this?

Assuming the ISA is the "inner firewall" and is publishing Exchange to the
DMZ,...you would just pretend that the ISA is the Exchange server and use
the "outer firewall" to publish the ISA Server *as if* it was the Exchange
server.

-- 
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com


0
Phillip
3/2/2006 3:32:33 PM
So you are saying publish the Exchange server to the Back end firewall and 
then on the Front end publish again, but this time point to the ISA server?

How about mail going out? Do I just allow SMTP from the internal to the 
external netwtork via by the Exchange server?

Saira

"Phillip Windell" <@.> wrote in message 
news:e8bJI6gPGHA.916@TK2MSFTNGP10.phx.gbl...
> "Saira" <Saira@BayonetVentures.com> wrote in message
> news:exIUgwgPGHA.3896@TK2MSFTNGP15.phx.gbl...
>> What you are saying makes sense, I must admit I am trying to listen to 
>> all
>> sides (some of whom say it is a bad idea to allow your Exchange server to
>> interact directly with the internet).
>
> I always enjoy "poking" at the guys that believe that.  Just for their
> enjoyment,...my Exchange is Published directly to the internet (before I
> added the Spam Filtering machine) and I do not run any DMZ at all,...and
> probably never will.
> A LAN can be made perfectly secure without a DMZ.
>
>> If I am to publish my Exchange server to the outer firewall (I am working
> in
>> a back to back scenario), do you have any idea on how to do this?
>
> Assuming the ISA is the "inner firewall" and is publishing Exchange to the
> DMZ,...you would just pretend that the ISA is the Exchange server and use
> the "outer firewall" to publish the ISA Server *as if* it was the Exchange
> server.
>
> -- 
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
>
> 


0
Saira6328 (18)
3/2/2006 4:31:17 PM
Actually Philip, now I've got myself really confused with all the options.
Can I not just use the POP 3 Connector to go and fetch mail from the ISP (no 
publishing involved), and allow SMTP mail our through the inner firewall by 
Exchange (just setting the ISP smtp server as the server to use for 
unresolved email?)

Saira

"Saira" <Saira@BayonetVentures.com> wrote in message 
news:O9Ue8ahPGHA.2320@TK2MSFTNGP11.phx.gbl...
> So you are saying publish the Exchange server to the Back end firewall and 
> then on the Front end publish again, but this time point to the ISA 
> server?
>
> How about mail going out? Do I just allow SMTP from the internal to the 
> external netwtork via by the Exchange server?
>
> Saira
>
> "Phillip Windell" <@.> wrote in message 
> news:e8bJI6gPGHA.916@TK2MSFTNGP10.phx.gbl...
>> "Saira" <Saira@BayonetVentures.com> wrote in message
>> news:exIUgwgPGHA.3896@TK2MSFTNGP15.phx.gbl...
>>> What you are saying makes sense, I must admit I am trying to listen to 
>>> all
>>> sides (some of whom say it is a bad idea to allow your Exchange server 
>>> to
>>> interact directly with the internet).
>>
>> I always enjoy "poking" at the guys that believe that.  Just for their
>> enjoyment,...my Exchange is Published directly to the internet (before I
>> added the Spam Filtering machine) and I do not run any DMZ at all,...and
>> probably never will.
>> A LAN can be made perfectly secure without a DMZ.
>>
>>> If I am to publish my Exchange server to the outer firewall (I am 
>>> working
>> in
>>> a back to back scenario), do you have any idea on how to do this?
>>
>> Assuming the ISA is the "inner firewall" and is publishing Exchange to 
>> the
>> DMZ,...you would just pretend that the ISA is the Exchange server and use
>> the "outer firewall" to publish the ISA Server *as if* it was the 
>> Exchange
>> server.
>>
>> -- 
>> Phillip Windell [MCP, MVP, CCNA]
>> www.wandtv.com
>>
>>
>
> 


0
Saira6328 (18)
3/2/2006 5:05:41 PM
"Saira" <Saira@BayonetVentures.com> wrote in message 
news:eU7CLuhPGHA.428@tk2msftngp13.phx.gbl...
> Actually Philip, now I've got myself really confused with all the options.
> Can I not just use the POP 3 Connector to go and fetch mail from the ISP 
> (no publishing involved), and allow SMTP mail our through the inner 
> firewall by Exchange (just setting the ISP smtp server as the server to 
> use for unresolved email?)

That's what I said all along. Yes you can do that (although it will require 
you purchase such a POP3 connector for your Exchange), and again this is the 
most secure scenario and requires the least amount of reconfiguration 
because everything will continue to work as before. Mail continues to arrive 
in the POP3 mailboxes hosted by your ISP, so no DNS reconfiguration will be 
required, no nothing - you just configure the POP3 connector to fetch email 
from the ISP and that's it. No inbound connections of any kind (=server 
publishing rules) are needed with this setup.

So if you're OK with the ISP having control over your email storage and can 
afford to buy the POP3 connector software, by all means, go with it.

Virgil


0
3/2/2006 5:21:08 PM
"Saira" <Saira@BayonetVentures.com> wrote in message
news:O9Ue8ahPGHA.2320@TK2MSFTNGP11.phx.gbl...
> So you are saying publish the Exchange server to the Back end firewall and
> then on the Front end publish again, but this time point to the ISA
server?

That is correct. As far as the outer-most firewall is concerned, it thinks
the ISA is the Exchange box.

> How about mail going out? Do I just allow SMTP from the internal to the
> external netwtork via by the Exchange server?

Publishing doesn't effect outbound.  The Exchange uses SMTP outbound exactly
the same way a user would use SMTP outbound with Outlook Express or
something. So in that respect Exchange is just nothing more than an SMTP
Client initiating an outbound SMTP connection,...however it *does* need to
be able to do so "anonymously".  It is all completely unrelated to any of
the Publishing,... Publishing is only inbound.

-- 
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

Deployment Guidelines for ISA Server 2004 Enterprise Edition
http://www.microsoft.com/technet/prodtechnol/isa/2004/deploy/dgisaserver.mspx
-----------------------------------------------------



0
Phillip
3/2/2006 5:23:04 PM
"Saira" <Saira@BayonetVentures.com> wrote in message
news:eU7CLuhPGHA.428@tk2msftngp13.phx.gbl...
> Actually Philip, now I've got myself really confused with all the options.
> Can I not just use the POP 3 Connector to go and fetch mail from the ISP
(no
> publishing involved), and allow SMTP mail our through the inner firewall
by
> Exchange (just setting the ISP smtp server as the server to use for
> unresolved email?)

I suppose you could,...but it is more work and more complicted (to me) than
the other way.  This all has to be worked out by the ISP.  The ISP has to
configure thier system to *hold* your mail when it would otherwise
immediately send the mail to you over SMTP.  The ISP's system would only let
you have the mail when your machines "comes and gets it" using the POP3
Connector.  To me this is a lot worse to deal with and has the most things
that can go wrong.

Of course, everything would be easier if you eliminated the DMZ & Firewall
and ran the ISA totally alone as an "edge" device between the LAN and the
Intenet.  This is why I preach so much against DMZs,...most people don't
even really know why they have one other than someone somewhere told them
they were more secure if they had one.  Now if someone has a good
justifyable reason for one, then fine, that's great,...but doing it "just
because" isn't enough for me.

-- 
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com


0
Phillip
3/2/2006 5:30:34 PM
Thanks for you advice Philip.
If I publish the Exchange server, what sort of security should I put on it?
Obviously the ISP is not able to 'authenticate'. it's just going to forward 
emails to my IP address. Do i just publish the Exchange server and that's it 
(it all sounds a little simple).

On outgoing, presumably I only need to allow the Exchange server access 
through the firewall and then I'm done.

"Phillip Windell" <@.> wrote in message 
news:eljtE8hPGHA.344@TK2MSFTNGP11.phx.gbl...
> "Saira" <Saira@BayonetVentures.com> wrote in message
> news:eU7CLuhPGHA.428@tk2msftngp13.phx.gbl...
>> Actually Philip, now I've got myself really confused with all the 
>> options.
>> Can I not just use the POP 3 Connector to go and fetch mail from the ISP
> (no
>> publishing involved), and allow SMTP mail our through the inner firewall
> by
>> Exchange (just setting the ISP smtp server as the server to use for
>> unresolved email?)
>
> I suppose you could,...but it is more work and more complicted (to me) 
> than
> the other way.  This all has to be worked out by the ISP.  The ISP has to
> configure thier system to *hold* your mail when it would otherwise
> immediately send the mail to you over SMTP.  The ISP's system would only 
> let
> you have the mail when your machines "comes and gets it" using the POP3
> Connector.  To me this is a lot worse to deal with and has the most things
> that can go wrong.
>
> Of course, everything would be easier if you eliminated the DMZ & Firewall
> and ran the ISA totally alone as an "edge" device between the LAN and the
> Intenet.  This is why I preach so much against DMZs,...most people don't
> even really know why they have one other than someone somewhere told them
> they were more secure if they had one.  Now if someone has a good
> justifyable reason for one, then fine, that's great,...but doing it "just
> because" isn't enough for me.
>
> -- 
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
>
> 


0
Saira6328 (18)
3/2/2006 5:42:47 PM
"Saira" <Saira@BayonetVentures.com> wrote in message
news:unfl5CiPGHA.3856@TK2MSFTNGP12.phx.gbl...
> Thanks for you advice Philip.
> If I publish the Exchange server, what sort of security should I put on
it?
> Obviously the ISP is not able to 'authenticate'. it's just going to
forward
> emails to my IP address. Do i just publish the Exchange server and that's
it
> (it all sounds a little simple).

That is pretty much it. It really isn't that complex,..it is just the DMZ
situation that makes it seem that way.  You still have to make sure Exchange
itself isn't an "open relay" for Spam and in all other ways, properly
configured,..but that is always the case,..it is not part of the
"publishing" aspect.

Remember that when published, only the SMTP Serivce is exposed, nothing else
is,...unless you get into POP3 Publishing for "roaming users" but you
haven't indicated you want to do that.

> On outgoing, presumably I only need to allow the Exchange server access
> through the firewall and then I'm done.

Yes,..and it only has to be outbound SMTP.

-- 
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com


0
Phillip
3/2/2006 5:56:51 PM
> I suppose you could,...but it is more work and more complicted (to me) 
> than
> the other way.  This all has to be worked out by the ISP.  The ISP has to
> configure thier system to *hold* your mail when it would otherwise
> immediately send the mail to you over SMTP.

The ISP does that already Phillip...

> The ISP's system would only let
> you have the mail when your machines "comes and gets it" using the POP3
> Connector.

To the ISP the POP3 connector would look like a client. Nothing special 
there.

> To me this is a lot worse to deal with and has the most things
> that can go wrong.

I don't necessarily share this view :-), once the POP3 connector it's up and 
running, it's smooth sailing - you just set it and forget it. In the end 
it's Saira's decision, I just thought I would suggest this option too.

Virgil



0
3/2/2006 6:10:52 PM
"ZVR" <no_spam_ever@me.local> wrote in message
news:44073523$0$5657$9a6e19ea@unlimited.newshosting.com...
> I don't necessarily share this view :-), once the POP3 connector it's up
and
> running, it's smooth sailing - you just set it and forget it. In the end
> it's Saira's decision, I just thought I would suggest this option too.

It is a valid way to do it, I'm not denying that.  But the ISP may not
already being doing that. It all depends on where the mailboxes reside. If
they already exist on the ISP's server then the POP3 Connection would be the
way to go,...but if the mail boxes don't already eixt at the ISP then the
ISP's server would not be holding the mail and would be just passing the
mail onward to the customers IP#. In fact it may not even touch the ISP's
mail server at all if the customer already has the MX Record pointing to the
themselves which is the assumption I was operating under.

-- 
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com


0
Phillip
3/2/2006 6:36:39 PM
"Phillip Windell" <@.> wrote in
news:OWaw$giPGHA.3856@TK2MSFTNGP12.phx.gbl: 

> "ZVR" <no_spam_ever@me.local> wrote in message
> news:44073523$0$5657$9a6e19ea@unlimited.newshosting.com...
>> I don't necessarily share this view :-), once the POP3 connector it's
>> up 
> and
>> running, it's smooth sailing - you just set it and forget it. In the
>> end it's Saira's decision, I just thought I would suggest this option
>> too. 
> 
> It is a valid way to do it, I'm not denying that.  But the ISP may not
> already being doing that. It all depends on where the mailboxes
> reside. If they already exist on the ISP's server then the POP3
> Connection would be the way to go,...but if the mail boxes don't
> already eixt at the ISP then the ISP's server would not be holding the
> mail and would be just passing the mail onward to the customers IP#.
> In fact it may not even touch the ISP's mail server at all if the
> customer already has the MX Record pointing to the themselves which is
> the assumption I was operating under. 
> 

2 things that often get overlooked in that scenario are:

A) Delays. POP3 connectors fetch mail on a schedule. Usually no faster than 
every 15 minutes.

B) flexibility. You simply cannot add e-mail addresses to Exchange. It has 
to also be done at the ISP. And often, ISPs charge by the mailbox.
0
compguy666 (112)
3/3/2006 2:01:54 PM
Reply:

Similar Artilces:

Windows Live Email Time Stamp
The windows live time stamp on all outgoing emails is 4hours later than the actual time. PC time is setup with the correct time zone. Only happens when using the online windows live email access. Can anyone assist? Thanks. v "dioncnr" <dioncnr@discussions.microsoft.com> schreef in bericht news:68BCFE8E-74E3-4967-B733-209DCE7C3BED@microsoft.com... > The windows live time stamp on all outgoing emails is 4hours later than > the > actual time. PC time is setup with the correct time zone. Only happens > when > using the online windows live ...

Outgoing emails
I am having an issue when trying to send emails out.... It has been working fine until about 2 weeks ago. Please help. Message appears as follows..... -- The connection to the server has failed. Subject 'test', Account: 'mail.aapt.net.au', Server: 'mail.aapt.net.au', Protocol: SMTP, Port: 23, Secure(SSL): No, Socket Error: 10060, Error Number: 0x800CCC0E Try port 25. If you still get an error post back. There are cases where that doesn't work either and you need to change it, and another option as well . . . . let's just try one thing at ...

Emailing in excel 2003 02-26-10
If i type in the cell A34: neil.Holden@test.com and press a button is it possible to email to the address of what ever is in A34 is? The email body should say: this has been submitted for cell B34 and todays date. Thanks. Check out Ron De Bruins "Send-Mail" tips: http://www.rondebruin.nl/sendmail.htm Micky "Neil Holden" wrote: > If i type in the cell A34: neil.Holden@test.com and press a button is it > possible to email to the address of what ever is in A34 is? > > The email body should say: this has been submitted for cell B34 and...

Outgoing emails not sending for outlook express 2000
Hi there, Can anyone help me?Everytime I try to send an email these error messages pop up and I have no idea what to do; The host 'SMTP' could not be found. Please verify that you have entered the server name correctly. Account: 'POP3', Server: 'SMTP', Protocol: SMTP, Port: 25, Secure(SSL): No, Socket Error: 11001, Error Number: 0x800CCC0D The host 'POP3' could not be found. Please verify that you have entered the server name correctly. Account: 'POP3', Server: 'POP3', Protocol: POP3, Port: 110, Secure(SSL): No, Socket Error: 11001, Err...

DB Emailing Questions
1) How do i format the message text of an email in Access. I used macro builder - action = sendobject. Can you use code builder? if so, please give me an idea of how the code will be like. 2) Also can i assign the email to have a recipient automatically or do i have to write it down each time? Thank you in advance. -- Message posted via AccessMonster.com http://www.accessmonster.com/Uwe/Forums.aspx/access-formscoding/201001/1 On Jan 21, 11:51=A0am, "axm0035 via AccessMonster.com" <u56602@uwe> wrote: > 1) How do i format the message text of an email in Acce...

Exchange 2007 Evaluation version #2
Can I install it on 64 bit platform and run it as production? On Fri, 23 Feb 2007 09:55:13 -0800, RG <RG@discussions.microsoft.com> wrote: >Can I install it on 64 bit platform and run it as production? There isn't an evaluation version as such. You can install Exchange 2007 without a key for 120 days. ...

Moving 5.5 server from one domain to another
Ex 5.5, sp4 on Win2000 sp4, Mcafee VScan8, Veritas 8.6 currently in NT4 domain. Have exactly the same config in another office except this Ex 5.5 server is the bridge end. Have gone through the process of changing service accounts and that is working fine and machine is using the new service accounts to run the services, (ie using the new service account in the Windows 2003 domain), when I drop out of "abc" domain and into "xyz" domain machine comes up fine, all services start but after about 60 secs the information store stops, if I try to start it manually I get er...

Outlook 2003
Hello. I copied my PST file from my D: drive to my F: drive. I then went into "Data File Management" to get the new location recognized and to have all future mail sent to that location. After doing this, my custom settings, like new folders, date settings, columns, etc, are all back to their default settings. Is there any way I can get my custom settings working again on the F: drive? Thanks, Dan Could you explain yourself a bit more? What custom settings are you refering to? You mean views? And what new folder settings? Also post your version of Outlook. -- Robert Spar...

How to set tab order for a dynamically created CEdit?
Anyone knows? Use SetWindowPos(...) and change the position in the z-order. -- Vipin Aravind <mdnightman@gmail.com> wrote in message news:1139117672.835639.159660@f14g2000cwb.googlegroups.com... > Anyone knows? > Use SetWindowPos. -- Ajay Kalra [MVP - VC++] ajaykalra@yahoo.com <mdnightman@gmail.com> wrote in message news:1139117672.835639.159660@f14g2000cwb.googlegroups.com... > Anyone knows? > ...

Outlook should be able to email MS CRM advanced find queries (grou
The only way to e-mail a group in MS-CRM is to use the Quick Campaign function. The Quick Campaign has several disadvantages: - attachments for emails are not possible - this takes at least about 10 more clicks compared to sending a standard outlook email - the quick campaign doesn't have the look-and-feel of Outlook to which users are accustomed to Therefore it would be great if you could select the emailaddresses from groups retrieved from MS CRM into the TO:, CC: or BCC: field in a standard Outlook email message. Actually you would make the advanced find queries available to sel...

Create pre-set margins & page no's.
How does one "pre-set" margins & desired page-numbering option so that most Word files that a person creates or copies from the Internet automatically are set to these specifications when a new document page is opened? (I am tired of doing this "by hand"over and over again each day!) Also, can I create one or more of this type of "template?" (I've never done this sort of thing before.) Create a template with the desired options specified. See http://word.mvps.org/faqs/customization/CreateATemplatePart1.htm. -- Stefan Blom Microsoft Wo...

Changing Posting Settings
I just wanted to double check that if I am currently Posting TO General Ledger in the Purchasing Series, if I change that to Post THROUGH General Ledger will this have any ill effects. I would make sure everyone is off the system, however if there are batches in the GL that were generated by the AP subledger is this ok and would it then post through the general ledger for any new transactions posted once I change this option? You are fine. Manual post any GL batches. You can do this before or after you change the option. "VDebattista" wrote: > I just wanted to double che...

Exchange Server 2003 Fails to Start after reboot
Since rebooting our Exchange 2003 server running on Windows 2003 server it fails to start the System Attendant and any further exchange services. The only way to logon to the server is boot in safe mode with networking. The server is a member server and is reporting the following errors EVENT 2114 MSExchange DS Access Process INETINFO.EXE (PID=1720). Topology Discovery failed, error 0x80040a02. EVENT 2102 Process MAD.EXE (PID=2176). All Domain Controller Servers in use are not responding: crstgs003.CRSTG.LOCAL crstgs004.CRSTG.LOCAL EVENT 2114 Process MAD.EXE (PID=2176). Topology Discovery ...

Upgrading from Exchange 2000 Standard to Enterprise Cal ? #2
Hello Everyone, I know the upgrade process from exchange 2000 standard to enterprise seems pretty straight forward. However, I have a cal question. Are my standard cals still good with this upgrade. Say I have right now standard 2000 with 30 cals. If I upgrade to Exchange 2000 Enterprise with 25 cals to pass the 16mb limitation. Would I then only have the 25 cals or 55 total cals? Thanks ...

Unable to create more Windows NT accounts for Exchange mailboxes
Hi Guys, Currently our Exchange server stopped allowing the creation of more Windows NT Accounts with the following error"Insufficient System Resources exist to complete the requested service".Pls is there a way out of this? We run Exchange 5.5 SP3 on Windows NT Server. -- Buchi ...

A rule that places a new email in a sub Folder doesnt get displayed
Create a folder; Create a rule that moves new mails to that folder; Happy as larry. When a new mail arrives, outlook shows a blue numeric value next to the folder to indicate unread messages. However, if you add another folder to the folder created above, ie a sub folder and create a rule to move new email, you have to have the tree fully extended to be informed of a new email. Is there a way to see if an new email has been sent to a sub folder without having the tree list expanded? Cheers Phil What version of Outlook and what Service Pack level? --� Milly Staples [MVP - Outloo...

Edit Microsoft Exchange System Object with ADSI
When I applied a new recipient policy to add a 2nd domain name to our users, I applied it to all rather than using a filter to only pick the users in the Users OU. Everything was still fine but we have one conflict. A public folder had the same name as a user and thus had the same email address. We are getting the event:Event ID: 9514 Event Type: Warning Event Source: MSExchangeIS Description: Two objects in the Directory have the same proxy - /DC=COM/DC=[DomainName]/CN=[ContainerName1]/CN=[Object1] and /DC=COM/DC=[DomainName]/CN=[ContainerName2]/CN=[Object2] I deleted the public folder b...

How can I instantly delete emails? I get a strikethrough + purge
...

New Check report security settings
I'm using Report Writer in GP v10. I want to duplicate the report "Check with Stub on Top and Bottom - Graphical". I have tried to use the duplicate button for the report but the report will not show up in the User Security settings. How can I make the duplicated report available to select users? -- fiberfan I would suspect you do not want to duplicate this report (since you cannot really run it correctly) and instead you modify the actual report by choosing the report and pressing "insert". You give security to the modified version once you've modifie...

Excel ignores boot-time regional settings when interpreting a date
I have a third party DDE app that exports dates as strings, correctly using the short date format in the regional and language settings, which, in my case is MM/DD/YYYY (reset at every boot). Unfortunately excel insists in interpreting that date as DD/MM/YYYY [Application.International(xlDateOrder)=1, it should be 0], disregarding my regional settings. The result is that all the dates are wrong or #VALUES! If this is not wierd enough, listen to this: it only happens after I reboot (when the date format is reset to MM/DD/YYYY). If subsequently I change the short date format in the regional se...

Multipage newsletter in the body of an email
I knew that Don had a website where I could find his organization's newsletter. I just sent him the results of that process I posted about the other day. I'm anxiously awaiting his comments. (Just because I can send it to myself and it looks fine doesn't mean it will to others.) :-) -- JoAnn Paules MVP Microsoft [Publisher] ...

Trail Version of Exchange
Hello I have installed and i am test the trail verion of Exchange (180 days) How do i check how many days i have left, as i cannot remember when i installed this Thanks Andy One way to do this would be to fire up ADSIEdit and find out when the Exchange Server object was created in your Exchange Org in the Configuration naming context. Perhaps there are other ways as well, including app. event log... -- Bharat Suneja MVP - Exchange www.zenprise.com NEW blog location: www.exchangepedia.com/blog ---------------------------------------------- "Andrew" <not@home.com> ...

Exporting-importing email accout (.iaf) doesn't work
Hi, i have an .iaf file that i get exporting my email account at work. Now i have imported that file at home, but when i click on "Send and recieve" i get this message: [quote title=3DQuote:] Fall=F3 la conexi=F3n con el servidor. Cuenta: 'pop3.xxx.es', Servidor: 'pop3.xxx.es', Protocolo: POP3, Puerto: 110, Seguridad (SSL): No, Error de socket: 10060, N=FAmero de error: 0x800CCC0E[/quote] I'm using OL Express 6 in both computers (Windows XP). Any idea? Bye Javi Disable email scanning by your anti-virus application. It provides no addit...

email #11
I have a user that wants to get email from inside our main office using Exchange and Outlook 2000. We do not want her to have to RAS in or VPN in. We have SBS 4.5 i.e. Exchange 5.5. Can we setup Exchange to forward her internal mail to an outside mailbox on an ISP. How do we do that most efficently. We are setup with a DSL line and firewall/router that sends all SMTP mail via an MX record at our ISP to our Exchange server. The outside user has a ??????@ntelos.net address and can send and receive mail mail from her ISP mailbox without any problems using her current Outlook settin...

Automatically forwarding emails
Hi I need to forward emails to a specific user to her external email. The user only wants those emails forwarded who are addressed to her and not the ones that she is cc'd or bcc'd. Hence my choice of client side rule. I have done the following; 1. Created a contact with her external email address under 'Active Directory Users and Computers', 2. Ticked 'Allow Automatic Forward' under Exchange->Global Settings->Internet Message Format->Default->Properties->Advanced tab. 3. Logged in to the relevant user's pc under her name and in outlook created ...