Thanks Tanya :) sorry about the mistake On Tue, Mar 19, 2013 at 11:09 AM, Alexander Rose <arose...@gmail.com> wrote:
> Thanks Tina, Jim, > > All relevant remarks. > I will end up NAT-ing our 2 hub IPs as suggested. > As for outgoing SMTP, Jim is right we don't filter at all SMTP for > outgoing traffic, i told my manager we should do something about it but he > is having a hard time believing that if i would close port 25 except for > our HT it will not cause any issues... > > > Anyways thanks a lot for putting me on the right track, much appreciated! > > > > > On Mon, Mar 18, 2013 at 6:28 PM, Tanya Pinetti <tpine...@outlook.com>wrote: > >> Alexander, >> If you went with a single Edge server, you would lose redundancy as the >> single Edge is now your single point of failure. If you used both HTs, you >> have redundancy. While you can go with one public IP NAT'd to both HT >> servers (as mentioned by Jim below), I would prefer a one-to-one NAT >> assuming you have enough public IPs. For me, one-to-one makes >> troubleshooting easier. >> >> ------------------------------ >> From: kennedy...@elyriaschools.org >> To: exchangelist@lyris.sunbelt-software.com >> >> Subject: RE: Design question regarding smart-host >> Date: Mon, 18 Mar 2013 17:17:51 +0000 >> >> >> >> >> This is for outgoing email correct? >> >> >> >> You still only need one public IP. NAT both servers to the same IP. I >> would assume you can still use the old IP your spam appliance used….should >> be a quick setup in your firewall. >> >> >> >> *From:* Alexander Rose [mailto:arose...@gmail.com] >> *Sent:* Monday, March 18, 2013 1:16 PM >> *To:* MS-Exchange Admin Issues >> *Subject:* Design question regarding smart-host >> >> >> >> We have two HT servers actually. I think that is why i thought about >> using an edge sync server so i would only need one public IP. >> >> >> >> >> Le lundi 18 mars 2013, Tanya Pinetti a écrit : >> >> All you need is a spare public IP and NAT it to your HT server. I prefer >> not using an Edge server if you are sending all outbound emails to FOPE >> since your networking team will have an ACL on the firewall allowing only >> your HT server SMTP access to the FOPE subnet. >> >> Sent from my iPhone >> >> >> On Mar 18, 2013, at 8:58 AM, "Alexander Rose" <arose...@gmail.com> wrote: >> >> Hi all, >> >> We currently use an old Anti-Spam appliance as our smart host, it is >> located in a DMZ and has a NATed IP for sending emails to the outside >> world. We only have one Send Connector in our Exchange Org. and it uses >> this smart-host for all emails. >> >> >> I have created a new send connector to test our new smart-host ( >> mail.messaging.microsoft.com as were moving to FOPE). >> After an email was sent for testing, i received a notification from >> Microsoft that states that the IP used to send the email was blocked and >> banned. When i checked the IP, i found out it is the one our internal >> clients are getting when they go on Internet (if i go to whatismyip.comfrom >> my workstation i get that IP, all clients are NATed to that one public >> IP). >> >> As all our clients are using this IP, we would like to use a dedicated >> public IP for sending emails. In our situation the only solution i see >> would be to setup our own smart-host first (let say a Edge Sync Server), >> create a default send connector on our Exchange HUBs to direct emails to >> this Edge Sync server and create another Send connector on the Edge Sync >> server to direct emails to FOPE. >> >> Am i correct? Or is there a way to do differently? >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe exchangelist >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe exchangelist >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe exchangelist >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe exchangelist >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe exchangelist >> > > --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
