POP/IMAP Users and Limiting Inbound SMTP Traffic

Problembeskrivelse

We have run into an issue where administrators limit inbound SMTP traffic on Exchange and have POP/IMAP users outside the network that can no longer send email out. Since the SMTP traffic is limited to just Norman IPs this will not allow those POP/IMAP users to connect to the Exchange Server when sending outbound email.

Løsning på problemet

A work around for this would be to create a second SMTP Virtual Server that is set to accept email on a different port and then edit the outlook client to send email out on the new Port. The following steps cover creating a second SMTP Virtual server for relay purposes.

Configuring the Exchange Server

  1. Open Exchange System Manager
  2. Navigate to the SMTP Protocol under your server
  3. Right Click SMTP and New > SMTP Virtual Server
    a. Provide the SMTP Virtual Server a name
    b. Ex: POP Relay
  4. You may receive a prompt stating that the server will not start because it has properties that are the same as the Default SMTP Virtual Server, just click OK.
  5. Once the SMTP Virtual Server is created you will need to modify the properties of it.
  6. Right Click the New SMTP Virtual Server and click on Properties
  7. Under the General Tab Click Advanced.
    a. If there is an entry in the Advanced area, highlight it and click the Edit button
    i. Select the IP you want the server to listen on or leave it unassigned
    ii. Change the TCP Port to the new port you have selected as your POP/IMAP relay Port
    iii. Ex: Port 26
    b. If there is no entry in the Advanced area you will need to click add and then follow the same steps as listed above.
  8. With that step completed its now time to edit who can send mail to the new SMTP Virtual Server
  9. While in the new SMTP Virtual Server Properties Click the Access Tab.
  10. Under Access Control click the Authentication button
    a. In the authentication properties uncheck, "Anonymous Access"
    i. There is no need for anonymous access on the relay server because only your trusted users should be connecting to this new Virtual Server
    b. Make Sure Basic Authentication and Integrated Windows Authentication are checked.
  11. After making all the above changes you will now need to start the new SMTP Virtual Server
    a. Right click the new server and click start

Configure the Firewall

Once you have completed the steps above you will need to open the new port on your firewall. Make sure that the port is set in the firewall to send all TCP traffic over to the IP of the Exchange Server. A good way to test this is to run a telnet sessions to that new port from outside your network. You can have your remote users test it since they will be the ones using it. They should receive a prompt back from the server.

Configure Outlook

Once all the tests check out okay you can now reconfigure the outlook client to start using the new SMTP Virtual Server for sending email.

  1. Go to the users POP/IMAP account settings within outlook.
  2. Click More Settings
  3. You should see and Advanced Tab, select it
  4. Under Advanced there should be a "ServerPort" area
  5. Change the Outgoing Server (SMTP) to the new port you have configured.
  6. Click OK


Date Published: 2012.06.06   Opdatere dato: 2012.11.14