Help with Exchange 2003 SMTP virtual servers, connectors, and TLS security.

55 pts.
Tags:
Bridgehead Server
DMZ
Microsoft Exchange 2003
Security
SMTP
SMTP connector
Virtual Server
I’m having problems coming up with the right Exchange SMTP Virtual Server and SMTP connector configuration for our network, after we decom two of our Borderware routers. I’ll try to explain it as simple as possible: - We have all our internal email filtered, and this will be sent to an Exchange server in our DMZ. Let’s call this DMZSMTP. The company that filters our mail can send via TLS. - We have one client that requires TLS inbound and outbound. They will point to DMZSMTP. - The DMZSMTP server will pass mail to and from the internal Exchange 2003 network. I know I need two virtual servers on DMZSMTP, with one of them being the secure SMTP VS requiring TLS. The email filtering company and the TLS-required client will use this. Here’s where I’m having problems: I know I also need to create the secure SMTP Connector, but I’m not sure whether to “forward all mail through this connector to the following smart host” or DNS. In Local Bridgeheads, I know I put the Secure SMTP VS that I created earlier. I’m also confused as to whether I need to add the requires-TLS domain to an address space somewhere. For outbound mail, none of it needs to be TLS, except for to this domain. Is the end goal to have one VS doing all TLS security, and if mail needs to be sent to the TLS client, it’s sent out this VS? I can’t figure out how, though. I have a routing guy who is working with me on this, and he sees the Exchange box having two IP addresses (the two SMTP virtual servers) and his mind starts thinking it’s a router, and it confuses us all.

Answer Wiki

Thanks. We'll let you know when a new response is added.

Hi, I’m doing something similar – did you ever manage to get an answer as I am completely confused!

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following