First, I apologize if this is a basic question, I have looked at the FAQs
and found some on this in the MS docs from their website... I guess I'm just
looking for confirmation that I'm on the right track or a warning that I'm
doing something stupid (and why)... I'm reading Tony Redmond's book (again)
right now and don't plan on doing any of this until I'm finished (again) but
am trying to work through my scenario as I read...
that being said, here goes...
Currently our site has the following machines
mail01 (E5.5SP4) - bridgehead (has connectors to the other sites and
an IMC)
- the IMC points only to a sendmail machine called
mrelay
mail02 / mail03 (E5.5SP4) - mailbox servers.
msxproto2 - E2Ksp2 machine with SRS installed (currently port 25 is
open in the firewall for this machine)
mail1 / mail2 - (E2Ksp2) machines (currently port 25 is open in the
firewall for them) (naming these mail1 and mail2 was not my idea)
As we move to E2K, I need to test the new SMTP connector....as follows:
1. Configure and SMTP connector for the routing group with a cost greater
than the cost of the IMC on mail01 and points to mrelay (the unix sendmail
machine)...
- this would effectively do nothing as the cost of the SMTP
connector is higher than the cost of the IMC.... just puts it in place.
2. Leaving port 25 open for the E2K machines, increase the cost of the IMC
on mail01 and decrease the cost on the SMTP connector.... this would
effectively re-route the internet mail through the new SMTP connector for
ALL servers (E5.5 and E2K)... but leaves mail internal to the organization
routing through mail01 to the other sites via a site connector.
3. If internet mail flows correctly through this, then I will have the
network guys block port 25 at the firewall for the Exchange machines... this
leaves the only in/outbound point being mrelay. What concerns me here is if
there is any replication between the exchange routing groups (at other
locations) that will be affected by shutting off direct access to the
machines via port 25.... I haven't found anything (yet) that says this would
be detrimental, but want to make sure.
Eventually the E5.5 machines go away (mail01 being the last) at which point
ALL mail outside my routing group would pass through the SMTP connector
right??
Additionally we will be testing TLS between the sendmail box (mrelay) and
Exchange 2000, but that will come after I know I have items 1-3 done.
So I guess my questions in a nutshell are as follows:
1. Does the above look correct?
2. Am I missing or misunderstanding anything here?
3. Will blocking port 25 for the exchange servers at the firewall (they
will still be able to talk to each other via 25 within the Rolla routing
group) cause any adverse affects?
thanks for any help/insight you can provide me and I apologize for the
length of the e-mail.
jeff e.
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
