disable Exchange Server 2003 Smart Host
|
From: janine Giganti on 27 Jul 2010 10:32 our old IT guy set this up. how do i disable it with out messing up our email? bob.smith.018 wrote: Exchange Server 2003 Smart Host 07-Jan-08 Hi All, Would appreciate any help available: Please correct me if I am wrong: A Smart Host on the SMTP Connector of Exchange Server 2003 on SBS allolws me to specify an outgoing SMTP server, rather than using my own Exchange server to send the email out. In other words, I can forward all of my outgoing mail to say, Google's SMTP server, and have them send the mail out rather than us sending the mail out. Therefore, how would I go about configuring a Smart Host to deliver mail in the following scenario: 1 We POP the mail from our mail server 2 We send messages out using a different (external) mail server with its own SSL port and requires authentication Appreciated, Thanks. Previous Posts In This Thread: On Monday, January 07, 2008 9:47 PM bob.smith.018 wrote: Exchange Server 2003 Smart Host Hi All, Would appreciate any help available: Please correct me if I am wrong: A Smart Host on the SMTP Connector of Exchange Server 2003 on SBS allolws me to specify an outgoing SMTP server, rather than using my own Exchange server to send the email out. In other words, I can forward all of my outgoing mail to say, Google's SMTP server, and have them send the mail out rather than us sending the mail out. Therefore, how would I go about configuring a Smart Host to deliver mail in the following scenario: 1 We POP the mail from our mail server 2 We send messages out using a different (external) mail server with its own SSL port and requires authentication Appreciated, Thanks. On Tuesday, January 08, 2008 12:18 AM kj [SBS MVP] wrote: Re: Exchange Server 2003 Smart Host bob.smith.0182(a)gmail.com wrote: Well your sort of in the ballpark, but your "smarthost" is a 'service' usually provided by your ISP and one that doesn't just accept mail from anyone (like spammers). Usually your ISP limits it to source IP addresses on it's networks (static or dynamic). Check with your ISP which may provide a smarthost for use, sometimes for a slight fee. Exchange has no provision for smarthost SSL, alternate ports, or authenticated connections (at least that I am aware of). -- /kj On Tuesday, January 08, 2008 12:40 AM Austin Smith wrote: hey there! hey there! Check your system manager; adminisitrative groups; server; protocols; smtp. You should be able to find some settings in the smtp virtual instance when you right click (Context menu) and select properties. Are you trying to use gmail for your domain email hosting? Thanks, Austin Smith, A+, MCP Digital Son, I.T. Services <bob.smith.0182(a)gmail.com> wrote in message news:3dbeca3f-451b-4cb9-a220-73d2ef4d5552(a)d21g2000prf.googlegroups.com... On Wednesday, January 09, 2008 4:31 AM v-terli wrote: Hello Bob,Thank you for posting here. Hello Bob, Thank you for posting here. Let's also thank Kevin and Austin for the input. According to your description, I understand that you want to enable SSL for the SMTP connector to delivery email to Google Mail. If I have misunderstood the problem, please don't hesitate to let me know. The Google Mail enable SSL SMTP connection for clients to connect but not for Exchange server. Google Mail is not ISP, and not a Smart Host provider. Kevin is correct, Exchange do not support SSL for SMTP or SMTP connector. The Exchange only support TLS for that. The TLS and the SSL are all used for encryption SMTP traffic, TLS for server to server, SSL for client to server. Therefore, you will find the SSL options available in Outlook, but you can only find TLS in SMTP connector. Based on my research, we can only enable TLS for SMTP connector to encrypt the SMTP traffic: The use of the Transport Layer Security (TLS) protocol over SMTP offers certificate-based authentication and helps provide security-enhanced data transfers by using symmetric encryption keys. In symmetric-key encryption (also known as shared secret), the same key is used to encrypt and to decrypt the message. TLS applies a Hash-based Message Authentication Code (HMAC). HMAC uses a hash algorithm in combination with a shared secret key to help make sure that the data has not been modified during transmission. The shared secret key is appended to the data to be hashed. This helps enhance the security of the hash because both parties must have the same shared secret key to verify that the data is authentic. Enable TLS on SMTP connector in SBS: 1. Install an X.509 server certificate on the server. For more information about X.509 certificates, click the following article number to view the article in the Microsoft Knowledge Base: 319574 How to use certificates with virtual servers in Exchange 2000 Server http://support.microsoft.com/kb/319574/ 2. Enable TLS on the SMTP connector with smarthost configured. To enable TLS encryption, right-click the SMTP connector, and then click Properties. Click the Advanced tab, click Outbound Security, and then click to select the TLS Encryption check box. 3. Restart SMTP service and Routing Engine service. See the following article for details: How to help protect SMTP communication by using the Transport Layer Security protocol in Exchange Server http://support.microsoft.com/?id=829721 Additional info on TLS: ================ How to secure Simple Mail Transfer Protocol client message delivery in Exchange 2000 Server http://support.microsoft.com/?id=319267 823024 How to Use Certificates with Virtual Servers in Exchange Server 2003 http://support.microsoft.com/?id=823024 329061 Exchange Server cannot communicate with non-TLS domains http://support.microsoft.com/?id=329061 I hope these steps will give you some help. Thanks and have a nice day! Best regards, Terence Liu(MSFT) Microsoft CSS Online Newsgroup Support Get Secure! - www.microsoft.com/security ===================================================== This newsgroup only focuses on SBS technical issues. If you have issues regarding other Microsoft products, you'd better post in the corresponding newsgroups so that they can be resolved in an efficient and timely manner. You can locate the newsgroup here: http://www.microsoft.com/communities/newsgroups/en-us/default.aspx When opening a new thread via the web interface, we recommend you check the "Notify me of replies" box to receive e-mail notifications when there are any updates in your thread. When responding to posts via your newsreader, please "Reply to Group" so that others may learn and benefit from your issue. Microsoft engineers can only focus on one issue per thread. Although we provide other information for your reference, we recommend you post different incidents in different threads to keep the thread clean. In doing so, it will ensure your issues are resolved in a timely manner. For urgent issues, you may want to contact Microsoft CSS directly. Please check http://support.microsoft.com for regional support phone numbers. Any input or comments in this thread are highly appreciated. ===================================================== This posting is provided "AS IS" with no warranties, and confers no rights. -------------------- <7cc6e4eb-1b40-4446-8561-215ed0929d0c(a)u10g2000prn.googlegroups.com> <3dbeca3f-451b-4cb9-a220-73d2ef4d5552(a)d21g2000prf.googlegroups.com> 02:25:04 GMT) posting-host=203.126.97.229; TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS02.phx.gbl!newsfeed0 0.sul.t-online.de!t-online.de!news.glorb.com!postnews.google.com!u10g2000prn googlegroups.com!not-for-mail smtp. when> you right click (Context menu) and select properties. news:3dbeca3f-451b-4cb9-a220-73d2ef4d5552(a)d21g2000prf.googlegroups.com... On Wednesday, January 09, 2008 5:45 PM Austin Smith wrote: While it would be nice to encrypt the communications between you and the smart While it would be nice to encrypt the communications between you and the smart host, its not necessary. think, when the mail leaves the smart host, its going to be clear text anyways. Do not spin your wheels too much.. ;) You should be able to get it workign using the smtp smarthost feature for outbound mail; the process I described earlier, and retreive via pop3 connector. We have successfully configured this for a few clients, and it works quite well! If you are just looking to cut down on spam, exchange has some very powerful tools you can configure. Look into the receipient policy, tarpitting, rdns lookups and rbl lookups on incoming mail. There is also a 3rd party tool I am quite fond of: www.vamsoft.com. Using the combined methods, I have been able to reduce spam to around 3 a week per user!!!! They all get caught by the junk mail box also ;) HTH, Austin Smith, A+, MCP <bob.smith.0182(a)gmail.com> wrote in message news:7cc6e4eb-1b40-4446-8561-215ed0929d0c(a)u10g2000prn.googlegroups.com... On Jan 8, 1:40 pm, "Austin Smith" <aus...(a)digitalson.com> wrote: Hi Austin! Thanks for the help guys. Yes, we are attempting to use Google hosted domains to use gmail accounts (one of the main reasons being gmail's good spam filters). according to gmail POP, we HAVE to use their SMTP and POP3 servers for outgoing and incoming respective servers. Additionally, they require SSL connections to their servers and authentication. I figure that since Exchange has the option using the Virtual SMTP Instance to activate a Smart Host it should be able to forward all outgoing mail to their SMTP servers so we comply with this? Any help much appreciated Cheers, Bob On Wednesday, January 09, 2008 10:36 PM v-terli wrote: Hello Bob,Thank you for your update.Do you read my previous reply? Hello Bob, Thank you for your update. Do you read my previous reply? I know you can get incoming email from Google mail thru SSL POP3. Yes, the Exchange support SSL POP3 connection. But as I know, the Exchange does not support SSL SMTP connection. Therefore, we unable to send the outgoing email to Google mail thru SSL. Smart host on Exchange also no help. For detail information, please refer to my previous reply. I hope that will give you some help. Thanks and have a nice day! Best regards, Terence Liu(MSFT) Microsoft CSS Online Newsgroup Support Get Secure! - www.microsoft.com/security ===================================================== This newsgroup only focuses on SBS technical issues. If you have issues regarding other Microsoft products, you'd better post in the corresponding newsgroups so that they can be resolved in an efficient and timely manner. You can locate the newsgroup here: http://www.microsoft.com/communities/newsgroups/en-us/default.aspx When opening a new thread via the web interface, we recommend you check the "Notify me of replies" box to receive e-mail notifications when there are any updates in your thread. When responding to posts via your newsreader, please "Reply to Group" so that others may learn and benefit from your issue. Microsoft engineers can only focus on one issue per thread. Although we provide other information for your reference, we recommend you post different incidents in different threads to keep the thread clean. In doing so, it will ensure your issues are resolved in a timely manner. For urgent issues, you may want to contact Microsoft CSS directly. Please check http://support.microsoft.com for regional support phone numbers. Any input or comments in this thread are highly appreciated. ===================================================== This posting is provided "AS IS" with no warranties, and confers no rights. -------------------- <d79daa70-79c2-415c-bee4-307b2c84ea42(a)e25g2000prg.googlegroups.com> <3dbeca3f-451b-4cb9-a220-73d2ef4d5552(a)d21g2000prf.googlegroups.com> <7cc6e4eb-1b40-4446-8561-215ed0929d0c(a)u10g2000prn.googlegroups.com> 02:27:25 GMT) posting-host=219.79.215.190; CLR TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS02.phx.gbl!newsfeed0 0.sul.t-online.de!t-online.de!border2.nntp.dca.giganews.com!border1.nntp.dca giganews.com!nntp.giganews.com!postnews.google.com!e25g2000prg.googlegroups com!not-for-mail host, ;) for it exchange has ?There is news:7cc6e4eb-1b40-4446-8561-215ed0929d0c(a)u10g2000prn.googlegroups.com... when of> > > Exchange Server 2003 on SBS allolws me to specify an outgoing SMTP On Thursday, January 10, 2008 6:51 AM bob.smith.018 wrote: Re: Exchange Server 2003 Smart Host On Jan 8, 1:40=A0pm, "Austin Smith" <aus...(a)digitalson.com> wrote: ... Hi Austin! Thanks for the help guys. Yes, we are attempting to use Google hosted domains to use gmail accounts (one of the main reasons being gmail's good spam filters). according to gmail POP, we HAVE to use their SMTP and POP3 servers for outgoing and incoming respective servers. Additionally, they require SSL connections to their servers and authentication. I figure that since Exchange has the option using the Virtual SMTP Instance to activate a Smart Host it should be able to forward all outgoing mail to their SMTP servers so we comply with this? Any help much appreciated Cheers, Bob On Thursday, January 10, 2008 6:53 AM bob.smith.018 wrote: Re: Exchange Server 2003 Smart Host On Jan 10, 6:45=A0am, "Austin Smith" <aus...(a)digitalson.com> wrote: st, ;) it has e is en Hey All, Thanks for the help provided. Going through the settings that Google Mail set for SMTP& POP3 delivery: 1. Incoming mail server (POP3): pop.gmail.com 2. Outgoing mail server (SMTP): smtp.gmail.com 3. Outgoing server (SMTP) requires authentication 4. Server requires an encrypted connection (SSL) for Incoming (POP3) 5. Server requires an encrypted connection (SSL) for Outgoing (SMTP) 6. Requirement that we MUST use Google servers for incoming (no problem) and outgoing (problem??? :S) So would I be able to achieve all of these things by utilising Exchange's smarthost service? I realise that incoming (POP3) is all fulfilled, so numbers 1 and 4 don't have to be worried about but what about the rest? Thanks for your help its much appreciated Cheers, Bob On Sunday, January 13, 2008 9:26 PM bob.smith.018 wrote: Hi Terence,I have had a look through our Exchange Server as you suggested to Hi Terence, I have had a look through our Exchange Server as you suggested to the SMTP Virtual Server as you suggested. I have further spoken to google and they say that TLS encryption is accepted and conditions are: smtp.gmail.com (use authentication) Use Authentication: Yes Use TLS: Yes (some clients call this SSL) Port: 465 or 587 If I do the following: For Authentication and TLS 1. Default SMTP Virtual Server -> Right Click Properties 2. "Access" Tab 3. "Authentication" 4. Activate the "Basic Authentication" and click TLS Required OR 1. Default SMTP Virtual Server -> Right Click Properties 2. "Delivery" Tab 3. "Outbound Security" 4. Select Basic Authentication (and type details) 5. Click TLS Required Will the above solve the authentication and TLS encryption requirement? Additionally, to satisfy the TCP port requirement for sending to their SMTP server, would this work: 1. Default SMTP Virtual Server -> Right Click Properties 2. "Delivery" Tab 3. "Outbound Connections" 4. Type in TCP Port Would the above solve the TCP Port requirement? Thanks very much for your help. It is very much appreciated. Cheers, Bob On Tuesday, July 27, 2010 10:30 AM janine Giganti wrote: disable Exchange Server 2003 Smart Host Our old network guy set this up. how do i disable it to the default? Submitted via EggHeadCafe - Software Developer Portal of Choice Overriding Deserialization of Persisted Workflow Instances http://www.eggheadcafe.com/tutorials/aspnet/40fe2b27-ef79-45d0-82e1-6eca3ed67df8/overriding-deserialization-of-persisted-workflow-instances.aspx
From: Hart on 27 Jul 2010 14:38 My understanding is the "smart host" is the forwarding agent for the emails. You still use your exchange server to send out emails, but instead of sending them out directly, you send them to the smart host and let smart host send them out. there are some benefits of doing so (you can search online if interested), and some ISPs require to have a smart host (like mine), otherwise all the outgoing emails will be blocked. What is the particular reason you want to disable this? "janine Giganti" wrote: > our old IT guy set this up. how do i disable it with out messing up our email? > > > > bob.smith.018 wrote: > > Exchange Server 2003 Smart Host > 07-Jan-08 > > Hi All, > > Would appreciate any help available: > > Please correct me if I am wrong: A Smart Host on the SMTP Connector of > Exchange Server 2003 on SBS allolws me to specify an outgoing SMTP > server, rather than using my own Exchange server to send the email > out. In other words, I can forward all of my outgoing mail to say, > Google's SMTP server, and have them send the mail out rather than us > sending the mail out. > > Therefore, how would I go about configuring a Smart Host to deliver > mail in the following scenario: > > 1 We POP the mail from our mail server > 2 We send messages out using a different (external) mail server with > its own SSL port and requires authentication > > Appreciated, > > Thanks. > > Previous Posts In This Thread: > > On Monday, January 07, 2008 9:47 PM > bob.smith.018 wrote: > > Exchange Server 2003 Smart Host > Hi All, > > Would appreciate any help available: > > Please correct me if I am wrong: A Smart Host on the SMTP Connector of > Exchange Server 2003 on SBS allolws me to specify an outgoing SMTP > server, rather than using my own Exchange server to send the email > out. In other words, I can forward all of my outgoing mail to say, > Google's SMTP server, and have them send the mail out rather than us > sending the mail out. > > Therefore, how would I go about configuring a Smart Host to deliver > mail in the following scenario: > > 1 We POP the mail from our mail server > 2 We send messages out using a different (external) mail server with > its own SSL port and requires authentication > > Appreciated, > > Thanks. > > On Tuesday, January 08, 2008 12:18 AM > kj [SBS MVP] wrote: > > Re: Exchange Server 2003 Smart Host > bob.smith.0182(a)gmail.com wrote: > > Well your sort of in the ballpark, but your "smarthost" is a 'service' > usually provided by your ISP and one that doesn't just accept mail from > anyone (like spammers). Usually your ISP limits it to source IP addresses on > it's networks (static or dynamic). Check with your ISP which may provide a > smarthost for use, sometimes for a slight fee. > > Exchange has no provision for smarthost SSL, alternate ports, or > authenticated connections (at least that I am aware of). > > -- > /kj > > On Tuesday, January 08, 2008 12:40 AM > Austin Smith wrote: > > hey there! > hey there! > > Check your system manager; adminisitrative groups; server; protocols; smtp. > You should be able to find some settings in the smtp virtual instance when > you right click (Context menu) and select properties. > > Are you trying to use gmail for your domain email hosting? > > Thanks, > Austin Smith, A+, MCP > Digital Son, I.T. Services > > <bob.smith.0182(a)gmail.com> wrote in message > news:3dbeca3f-451b-4cb9-a220-73d2ef4d5552(a)d21g2000prf.googlegroups.com... > > On Wednesday, January 09, 2008 4:31 AM > v-terli wrote: > > Hello Bob,Thank you for posting here. > Hello Bob, > > Thank you for posting here. Let's also thank Kevin and Austin for the input. > > According to your description, I understand that you want to enable SSL for > the SMTP connector to delivery email to Google Mail. If I have > misunderstood the problem, please don't hesitate to let me know. > > The Google Mail enable SSL SMTP connection for clients to connect but not > for Exchange server. Google Mail is not ISP, and not a Smart Host provider. > > Kevin is correct, Exchange do not support SSL for SMTP or SMTP connector. > The Exchange only support TLS for that. The TLS and the SSL are all used > for encryption SMTP traffic, TLS for server to server, SSL for client to > server. Therefore, you will find the SSL options available in Outlook, but > you can only find TLS in SMTP connector. > > Based on my research, we can only enable TLS for SMTP connector to encrypt > the SMTP traffic: > > The use of the Transport Layer Security (TLS) protocol over SMTP offers > certificate-based authentication and helps provide security-enhanced data > transfers by using symmetric encryption keys. In symmetric-key encryption > (also known as shared secret), the same key is used to encrypt and to > decrypt the message. TLS applies a Hash-based Message Authentication Code > (HMAC). HMAC uses a hash algorithm in combination with a shared secret key > to help make sure that the data has not been modified during transmission. > The shared secret key is appended to the data to be hashed. This helps > enhance the security of the hash because both parties must have the same > shared secret key to verify that the data is authentic. > > Enable TLS on SMTP connector in SBS: > > 1. Install an X.509 server certificate on the server. > > For more information about X.509 certificates, click the following article > number to view the article in the Microsoft Knowledge Base: > 319574 How to use certificates with virtual servers in Exchange 2000 Server > > http://support.microsoft.com/kb/319574/ > > 2. Enable TLS on the SMTP connector with smarthost configured. To enable > TLS encryption, right-click the SMTP connector, and then click Properties. > Click the Advanced tab, click Outbound Security, and then click to select > the TLS Encryption check box. > > 3. Restart SMTP service and Routing Engine service. > > See the following article for details: > How to help protect SMTP communication by using the Transport Layer > Security protocol in Exchange Server > http://support.microsoft.com/?id=829721 > > Additional info on TLS: > ================ > How to secure Simple Mail Transfer Protocol client message delivery in > Exchange 2000 Server > http://support.microsoft.com/?id=319267 > > 823024 How to Use Certificates with Virtual Servers in Exchange Server 2003 > http://support.microsoft.com/?id=823024 > > 329061 Exchange Server cannot communicate with non-TLS domains > http://support.microsoft.com/?id=329061 > > I hope these steps will give you some help. > > Thanks and have a nice day! > > Best regards, > > Terence Liu(MSFT) > > Microsoft CSS Online Newsgroup Support > > Get Secure! - www.microsoft.com/security > > ===================================================== > This newsgroup only focuses on SBS technical issues. If you have issues > regarding other Microsoft products, you'd better post in the corresponding > newsgroups so that they can be resolved in an efficient and timely manner. > You can locate the newsgroup here: > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx > > When opening a new thread via the web interface, we recommend you check the > "Notify me of replies" box to receive e-mail notifications when there are > any updates in your thread. When responding to posts via your newsreader, > please "Reply to Group" so that others may learn and benefit from your > issue. > > Microsoft engineers can only focus on one issue per thread. Although we > provide other information for your reference, we recommend you post > different incidents in different threads to keep the thread clean. In doing > so, it will ensure your issues are resolved in a timely manner. > > For urgent issues, you may want to contact Microsoft CSS directly. Please > check http://support.microsoft.com for regional support phone numbers. > > Any input or comments in this thread are highly appreciated. > ===================================================== > > This posting is provided "AS IS" with no warranties, and confers no rights. > > -------------------- > <7cc6e4eb-1b40-4446-8561-215ed0929d0c(a)u10g2000prn.googlegroups.com> > <3dbeca3f-451b-4cb9-a220-73d2ef4d5552(a)d21g2000prf.googlegroups.com> > 02:25:04 GMT) > posting-host=203.126.97.229; > TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS02.phx.gbl!newsfeed0 > 0.sul.t-online.de!t-online.de!news.glorb.com!postnews.google.com!u10g2000prn > googlegroups.com!not-for-mail > smtp. > when> you right click (Context menu) and select properties. > news:3dbeca3f-451b-4cb9-a220-73d2ef4d5552(a)d21g2000prf.googlegroups.com... > > On Wednesday, January 09, 2008 5:45 PM > Austin Smith wrote: > > While it would be nice to encrypt the communications between you and the smart > While it would be nice to encrypt the communications between you and the > smart host, its not necessary. think, when the mail leaves the smart host, > its going to be clear text anyways. Do not spin your wheels too much.. ;) > You should be able to get it workign using the smtp smarthost feature for > outbound mail; the process I described earlier, and retreive via pop3 > connector. We have successfully configured this for a few clients, and it > works quite well! If you are just looking to cut down on spam, exchange has > some very powerful tools you can configure. Look into the receipient > policy, tarpitting, rdns lookups and rbl lookups on incoming mail. There is > also a 3rd party tool I am quite fond of: www.vamsoft.com. Using the > combined methods, I have been able to reduce spam to around 3 a week per > user!!!! They all get caught by the junk mail box also ;) > > HTH, > Austin Smith, A+, MCP > > <bob.smith.0182(a)gmail.com> wrote in message > news:7cc6e4eb-1b40-4446-8561-215ed0929d0c(a)u10g2000prn.googlegroups.com... > On Jan 8, 1:40 pm, "Austin Smith" <aus...(a)digitalson.com> wrote: > > > Hi Austin! > > Thanks for the help guys. Yes, we are attempting to use Google hosted > domains to use gmail accounts (one of the main reasons being gmail's > good spam filters). according to gmail POP, we HAVE to use their SMTP > and POP3 servers for outgoing and incoming respective servers. > Additionally, they require SSL connections to their servers and > authentication. I figure that since Exchange has the option using the > Virtual SMTP Instance to activate a Smart Host it should be able to > forward all outgoing mail to their SMTP servers so we comply with > this? > > Any help much appreciated > > Cheers, > > Bob > > On Wednesday, January 09, 2008 10:36 PM > v-terli wrote: > > Hello Bob,Thank you for your update.Do you read my previous reply? > Hello Bob, > > Thank you for your update. > > Do you read my previous reply? I know you can get incoming email from > Google mail thru SSL POP3. Yes, the Exchange support SSL POP3 connection. > But as I know, the Exchange does not support SSL SMTP connection. > Therefore, we unable to send the outgoing email to Google mail thru SSL. > Smart host on Exchange also no help. > > For detail information, please refer to my previous reply. > > I hope that will give you some help. > > Thanks and have a nice day! > > Best regards, > > Terence Liu(MSFT) > > Microsoft CSS Online Newsgroup Support > > Get Secure! - www.microsoft.com/security > > ===================================================== > This newsgroup only focuses on SBS technical issues. If you have issues > regarding other Microsoft products, you'd better post in the corresponding > newsgroups so that they can be resolved in an efficient and timely manner. > You can locate the newsgroup here: > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx > > When opening a new thread via the web interface, we recommend you check the > "Notify me of replies" box to receive e-mail notifications when there are > any updates in your thread. When responding to posts via your newsreader, > please "Reply to Group" so that others may learn and benefit from your > issue. > > Microsoft engineers can only focus on one issue per thread. Although we
From: Larry Struckmeyer[SBS-MVP] on 27 Jul 2010 20:57 Hi: Please note that this venue is due to be closed in a few days/weeks and you will get much more attention in the new SBS Forum hosted by MS at the following location. http://social.technet.microsoft.com/Forums/en-US/smallbusinessserver/threads You can either use your web browser, or if you prefer to use your existing (or different) nntp news reader you can use one of the official MS bridge applications, or the combined one on codeplex.com Official MS Bridge - Note two required. http://connect.microsoft.com/MicrosoftForums/ Codeplex nntp bridge - only one required. http://communitybridge.codeplex.com/ -Larry -Please post the resolution to your issue so others may benefit. -Get Your SBS Health Check at www.sbsbpa.com > our old IT guy set this up. how do i disable it with out messing up > our email? > > bob.smith.018 wrote: > > Exchange Server 2003 Smart Host > 07-Jan-08 > Hi All, > > Would appreciate any help available: > > Please correct me if I am wrong: A Smart Host on the SMTP Connector of > Exchange Server 2003 on SBS allolws me to specify an outgoing SMTP > server, rather than using my own Exchange server to send the email > out. In other words, I can forward all of my outgoing mail to say, > Google's SMTP server, and have them send the mail out rather than us > sending the mail out. > > Therefore, how would I go about configuring a Smart Host to deliver > mail in the following scenario: > > 1 We POP the mail from our mail server > 2 We send messages out using a different (external) mail server with > its own SSL port and requires authentication > Appreciated, > > Thanks. > > Previous Posts In This Thread: > > On Monday, January 07, 2008 9:47 PM > bob.smith.018 wrote: > Exchange Server 2003 Smart Host > Hi All, > Would appreciate any help available: > > Please correct me if I am wrong: A Smart Host on the SMTP Connector of > Exchange Server 2003 on SBS allolws me to specify an outgoing SMTP > server, rather than using my own Exchange server to send the email > out. In other words, I can forward all of my outgoing mail to say, > Google's SMTP server, and have them send the mail out rather than us > sending the mail out. > > Therefore, how would I go about configuring a Smart Host to deliver > mail in the following scenario: > > 1 We POP the mail from our mail server > 2 We send messages out using a different (external) mail server with > its own SSL port and requires authentication > Appreciated, > > Thanks. > > On Tuesday, January 08, 2008 12:18 AM > kj [SBS MVP] wrote: > Re: Exchange Server 2003 Smart Host > bob.smith.0182(a)gmail.com wrote: > Well your sort of in the ballpark, but your "smarthost" is a 'service' > usually provided by your ISP and one that doesn't just accept mail > from anyone (like spammers). Usually your ISP limits it to source IP > addresses on it's networks (static or dynamic). Check with your ISP > which may provide a smarthost for use, sometimes for a slight fee. > > Exchange has no provision for smarthost SSL, alternate ports, or > authenticated connections (at least that I am aware of). > > On Tuesday, January 08, 2008 12:40 AM > Austin Smith wrote: > hey there! > hey there! > Check your system manager; adminisitrative groups; server; protocols; > smtp. You should be able to find some settings in the smtp virtual > instance when you right click (Context menu) and select properties. > > Are you trying to use gmail for your domain email hosting? > > Thanks, > Austin Smith, A+, MCP > Digital Son, I.T. Services > <bob.smith.0182(a)gmail.com> wrote in message > news:3dbeca3f-451b-4cb9-a220-73d2ef4d5552(a)d21g2000prf.googlegroups.com > ... > > On Wednesday, January 09, 2008 4:31 AM > v-terli wrote: > Hello Bob,Thank you for posting here. > Hello Bob, > Thank you for posting here. Let's also thank Kevin and Austin for the > input. > > According to your description, I understand that you want to enable > SSL for the SMTP connector to delivery email to Google Mail. If I have > misunderstood the problem, please don't hesitate to let me know. > > The Google Mail enable SSL SMTP connection for clients to connect but > not for Exchange server. Google Mail is not ISP, and not a Smart Host > provider. > > Kevin is correct, Exchange do not support SSL for SMTP or SMTP > connector. The Exchange only support TLS for that. The TLS and the SSL > are all used for encryption SMTP traffic, TLS for server to server, > SSL for client to server. Therefore, you will find the SSL options > available in Outlook, but you can only find TLS in SMTP connector. > > Based on my research, we can only enable TLS for SMTP connector to > encrypt the SMTP traffic: > > The use of the Transport Layer Security (TLS) protocol over SMTP > offers certificate-based authentication and helps provide > security-enhanced data transfers by using symmetric encryption keys. > In symmetric-key encryption (also known as shared secret), the same > key is used to encrypt and to decrypt the message. TLS applies a > Hash-based Message Authentication Code (HMAC). HMAC uses a hash > algorithm in combination with a shared secret key to help make sure > that the data has not been modified during transmission. The shared > secret key is appended to the data to be hashed. This helps enhance > the security of the hash because both parties must have the same > shared secret key to verify that the data is authentic. > > Enable TLS on SMTP connector in SBS: > > 1. Install an X.509 server certificate on the server. > > For more information about X.509 certificates, click the following > article number to view the article in the Microsoft Knowledge Base: > 319574 How to use certificates with virtual servers in Exchange 2000 > Server > > http://support.microsoft.com/kb/319574/ > > 2. Enable TLS on the SMTP connector with smarthost configured. To > enable TLS encryption, right-click the SMTP connector, and then click > Properties. Click the Advanced tab, click Outbound Security, and then > click to select the TLS Encryption check box. > > 3. Restart SMTP service and Routing Engine service. > > See the following article for details: > How to help protect SMTP communication by using the Transport Layer > Security protocol in Exchange Server > http://support.microsoft.com/?id=829721 > Additional info on TLS: > ================ > How to secure Simple Mail Transfer Protocol client message delivery in > Exchange 2000 Server > http://support.microsoft.com/?id=319267 > 823024 How to Use Certificates with Virtual Servers in Exchange Server > 2003 http://support.microsoft.com/?id=823024 > > 329061 Exchange Server cannot communicate with non-TLS domains > http://support.microsoft.com/?id=329061 > > I hope these steps will give you some help. > > Thanks and have a nice day! > > Best regards, > > Terence Liu(MSFT) > > Microsoft CSS Online Newsgroup Support > > Get Secure! - www.microsoft.com/security > > ===================================================== > This newsgroup only focuses on SBS technical issues. If you have > issues > regarding other Microsoft products, you'd better post in the > corresponding > newsgroups so that they can be resolved in an efficient and timely > manner. > You can locate the newsgroup here: > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx > When opening a new thread via the web interface, we recommend you > check the "Notify me of replies" box to receive e-mail notifications > when there are any updates in your thread. When responding to posts > via your newsreader, please "Reply to Group" so that others may learn > and benefit from your issue. > > Microsoft engineers can only focus on one issue per thread. Although > we provide other information for your reference, we recommend you post > different incidents in different threads to keep the thread clean. In > doing so, it will ensure your issues are resolved in a timely manner. > > For urgent issues, you may want to contact Microsoft CSS directly. > Please check http://support.microsoft.com for regional support phone > numbers. > > Any input or comments in this thread are highly appreciated. > ===================================================== > > This posting is provided "AS IS" with no warranties, and confers no > rights. > > -------------------- > <7cc6e4eb-1b40-4446-8561-215ed0929d0c(a)u10g2000prn.googlegroups.com> > <3dbeca3f-451b-4cb9-a220-73d2ef4d5552(a)d21g2000prf.googlegroups.com> > 02:25:04 GMT) > posting-host=203.126.97.229; > TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS02.phx.gbl!new > sfeed0 > 0.sul.t-online.de!t-online.de!news.glorb.com!postnews.google.com!u10g2 > 000prn > googlegroups.com!not-for-mail > smtp. when>> you right click (Context menu) and select properties. when>> > news:3dbeca3f-451b-4cb9-a220-73d2ef4d5552(a)d21g2000prf.googlegroups.com > ... > > On Wednesday, January 09, 2008 5:45 PM > Austin Smith wrote: > While it would be nice to encrypt the communications between you and > the smart > While it would be nice to encrypt the communications between you and > the > smart host, its not necessary. think, when the mail leaves the smart > host, > its going to be clear text anyways. Do not spin your wheels too > much.. ;) > You should be able to get it workign using the smtp smarthost feature > for > outbound mail; the process I described earlier, and retreive via pop3 > connector. We have successfully configured this for a few clients, > and it > works quite well! If you are just looking to cut down on spam, > exchange has > some very powerful tools you can configure. Look into the receipient > policy, tarpitting, rdns lookups and rbl lookups on incoming mail. > There is > also a 3rd party tool I am quite fond of: www.vamsoft.com. Using the > combined methods, I have been able to reduce spam to around 3 a week > per > user!!!! They all get caught by the junk mail box also ;) > HTH, > Austin Smith, A+, MCP > <bob.smith.0182(a)gmail.com> wrote in message > news:7cc6e4eb-1b40-4446-8561-215ed0929d0c(a)u10g2000prn.googlegroups.com > ... On Jan 8, 1:40 pm, "Austin Smith" <aus...(a)digitalson.com> wrote: > > Hi Austin! > > Thanks for the help guys. Yes, we are attempting to use Google hosted > domains to use gmail accounts (one of the main reasons being gmail's > good spam filters). according to gmail POP, we HAVE to use their SMTP > and POP3 servers for outgoing and incoming respective servers. > Additionally, they require SSL connections to their servers and > authentication. I figure that since Exchange has the option using the > Virtual SMTP Instance to activate a Smart Host it should be able to > forward all outgoing mail to their SMTP servers so we comply with > this? > > Any help much appreciated > > Cheers, > > Bob > > On Wednesday, January 09, 2008 10:36 PM > v-terli wrote: > Hello Bob,Thank you for your update.Do you read my previous reply? > Hello Bob, > > Thank you for your update. > > Do you read my previous reply? I know you can get incoming email from > Google mail thru SSL POP3. Yes, the Exchange support SSL POP3 > connection. But as I know, the Exchange does not support SSL SMTP > connection. Therefore, we unable to send the outgoing email to Google > mail thru SSL. Smart host on Exchange also no help. > > For detail information, please refer to my previous reply. > > I hope that will give you some help. > > Thanks and have a nice day! > > Best regards, > > Terence Liu(MSFT) > > Microsoft CSS Online Newsgroup Support > > Get Secure! - www.microsoft.com/security > > ===================================================== > This newsgroup only focuses on SBS technical issues. If you have > issues > regarding other Microsoft products, you'd better post in the > corresponding > newsgroups so that they can be resolved in an efficient and timely > manner. > You can locate the newsgroup here: > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx > When opening a new thread via the web interface, we recommend you > check the "Notify me of replies" box to receive e-mail notifications > when there are any updates in your thread. When responding to posts > via your newsreader, please "Reply to Group" so that others may learn > and benefit from your issue. > > Microsoft engineers can only focus on one issue per thread. Although > we provide other information for your reference, we recommend you post > different incidents in different threads to keep the thread clean. In > doing so, it will ensure your issues are resolved in a timely manner. > > For urgent issues, you may want to contact Microsoft CSS directly. > Please check http://support.microsoft.com for regional support phone > numbers. > > Any input or comments in this thread are highly appreciated. > ===================================================== > > This posting is provided "AS IS" with no warranties, and confers no > rights. > > -------------------- > <d79daa70-79c2-415c-bee4-307b2c84ea42(a)e25g2000prg.googlegroups.com> > <3dbeca3f-451b-4cb9-a220-73d2ef4d5552(a)d21g2000prf.googlegroups.com> > <7cc6e4eb-1b40-4446-8561-215ed0929d0c(a)u10g2000prn.googlegroups.com> > 02:27:25 GMT) > posting-host=219.79.215.190; > CLR > TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS02.phx.gbl!new > sfeed0 > 0.sul.t-online.de!t-online.de!border2.nntp.dca.giganews.com!border1.nn > tp.dca > giganews.com!nntp.giganews.com!postnews.google.com!e25g2000prg.googleg > roups > com!not-for-mail > host, > ;) > for > it > exchange has > ?There is > news:7cc6e4eb-1b40-4446-8561-215ed0929d0c(a)u10g2000prn.googlegroups.com > ... > when of>>>> Exchange Server 2003 on SBS allolws me to specify an outgoing of>>>> SMTP of>>>> > On Thursday, January 10, 2008 6:51 AM > bob.smith.018 wrote: > Re: Exchange Server 2003 Smart Host > On Jan 8, 1:40=A0pm, "Austin Smith" <aus...(a)digitalson.com> wrote: > .. > Hi Austin! > > Thanks for the help guys. Yes, we are attempting to use Google hosted > domains to use gmail accounts (one of the main reasons being gmail's > good spam filters). according to gmail POP, we HAVE to use their SMTP > and POP3 servers for outgoing and incoming respective servers. > Additionally, they require SSL connections to their servers and > authentication. I figure that since Exchange has the option using the > Virtual SMTP Instance to activate a Smart Host it should be able to > forward all outgoing mail to their SMTP servers so we comply with > this? > > Any help much appreciated > > Cheers, > > Bob > > On Thursday, January 10, 2008 6:53 AM > bob.smith.018 wrote: > Re: Exchange Server 2003 Smart Host > On Jan 10, 6:45=A0am, "Austin Smith" <aus...(a)digitalson.com> wrote: > st, > ;) > it > has > e is > en > > Hey All, > > Thanks for the help provided. Going through the settings that Google > Mail set for SMTP& POP3 delivery: > > 1. Incoming mail server (POP3): pop.gmail.com > 2. Outgoing mail server (SMTP): smtp.gmail.com > 3. Outgoing server (SMTP) requires authentication > 4. Server requires an encrypted connection (SSL) for Incoming (POP3) > 5. Server requires an encrypted connection (SSL) for Outgoing (SMTP) > 6. Requirement that we MUST use Google servers for incoming (no > problem) and outgoing (problem??? :S) > So would I be able to achieve all of these things by utilising > Exchange's smarthost service? I realise that incoming (POP3) is all > fulfilled, so numbers 1 and 4 don't have to be worried about but what > about the rest? > > Thanks for your help its much appreciated > > Cheers, > > Bob > > On Sunday, January 13, 2008 9:26 PM > bob.smith.018 wrote: > Hi Terence,I have had a look through our Exchange Server as you > suggested to Hi Terence, > > I have had a look through our Exchange Server as you suggested to the > SMTP Virtual Server as you suggested. I have further spoken to google > and they say that TLS encryption is accepted and conditions are: > > smtp.gmail.com (use authentication) > Use Authentication: Yes > Use TLS: Yes (some clients call this SSL) > Port: 465 or 587 > If I do the following: > > For Authentication and TLS > 1. Default SMTP Virtual Server -> Right Click Properties > 2. "Access" Tab > 3. "Authentication" > 4. Activate the "Basic Authentication" and click TLS Required > OR > > 1. Default SMTP Virtual Server -> Right Click Properties > 2. "Delivery" Tab > 3. "Outbound Security" > 4. Select Basic Authentication (and type details) > 5. Click TLS Required > Will the above solve the authentication and TLS encryption > requirement? > > Additionally, to satisfy the TCP port requirement for sending to their > SMTP server, would this work: > > 1. Default SMTP Virtual Server -> Right Click Properties > 2. "Delivery" Tab > 3. "Outbound Connections" > 4. Type in TCP Port > Would the above solve the TCP Port requirement? > > Thanks very much for your help. It is very much appreciated. > > Cheers, > > Bob > > On Tuesday, July 27, 2010 10:30 AM > janine Giganti wrote: > disable Exchange Server 2003 Smart Host > Our old network guy set this up. how do i disable it to the default? > Submitted via EggHeadCafe - Software Developer Portal of Choice > > Overriding Deserialization of Persisted Workflow Instances > > http://www.eggheadcafe.com/tutorials/aspnet/40fe2b27-ef79-45d0-82e1-6e > ca3ed67df8/overriding-deserialization-of-persisted-workflow-instances. > aspx >
|
Pages: 1 Prev: disable Exchange Server 2003 Smart Host Next: SBS 2008 Setup Wizard Crashes |