Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: steve288 on June 08, 2010, 09:54:46 PM
-
We use the option in the SME server to "delegate e-mail processing to another system". The software we use is Exchange 2003.
I have successfully followed the instructions found here, titled "ProxyPass for Exchange / Outlook Web Access"; see http://forums.contribs.org/index.php?topic=40075.0
This allows us to use proxypass to use the Microsoft web access to get at our mail inside the firewall.
I would like to take it a step further. Has anyone been able to use proxypass or some mechanism to get POP mail from their internal mail server through the SME server?
I can pick up mail internally from the Exchange server via POP if I use the local IP of the mail server, e.g. 10.1.0.2, but if I try anything else it does not work. E.g. if our domain is hello.com, I have tried to pick up mail via hello.com, mail.hello.com (which is our SME server's name on the net) and even the IP address of the SME server that is forwarding the mail. The port that the Exchange server seems to work on is 110, although it also listens on SSL 995, but I have not set up a certificate for this. I want to do easy first.
I know it's picking up mail via POP because I can do it in house. But how can I do it from outside?
Thanks.
-
If your SME is in server & gateway mode, you can forward the TCP ports 110 and 995 to the internal IP.
-
Indeed, I have forwarded port 110 to the internal Exchange server 10.1.0.2 and now I can pick up mail.
Great, wonderful.
This may be outside the scope of this group, but while I can pick up email I cannot send it. Depending on the settings I get a variety of errors.
However, it's being refused. There are a variety of errors given depending on how I set it up. One, for example, is:
The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'some@email.com'. Subject 'test 2', Account: 'Exchange', Server: 'mail.myoutboundserver.com', Protocol: SMTP, Server Response: '550 Relaying denied (#5.7.1)', Port: 25, Secure(SSL): No, Server Error: 550, Error Number: 0x800CCC79
I have tried to put my username and password into Outlook Express in the "my server requires authentication" box, but still no luck.
Any thoughts? I don't know if this is an SME issue or an Exchange issue. I know that relaying is not allowed by good email providers to stop spam, but I'm not exactly sure how to get past this error.
Thanks.
-
The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'some@email.com'. Subject 'test 2', Account: 'Exchange', Server: 'mail.myoutboundserver.com', Protocol: SMTP, Server Response: '550 Relaying denied (#5.7.1)', Port: 25, Secure(SSL): No, Server Error: 550, Error Number: 0x800CCC79
It seems your mail server is not configured to send mail for the email.com domain. Is it a valid domain on your mail server?
Where do you see this error? On your SME Server or on your Exchange server?
-
Let me be a little overly verbose perhaps...
The SME 7 server is called (this is what is doing the mail deferring and port forwarding)
mail.mydomain.com
Although of course our domain is called
mydomain.com
When I look up the mx record on the net our mx record shows mail.mydomain.com and the sme static Ip address.
When we send mail normally we send it to myname@mydomain.com
(Ok you probably knew all that)
However, when I configure my Outlook Express to pick up mail (through the SME computer) I configure it to pick up mail from
mail.mydomain.com
Now on Outlook Express outgoing mail..
If I configure it to send mail to mail.mydomain.com I get the error mentioned previously. If I configure it to send mail via just,
mydomain.com
I get the error
The connection to the server has failed. Account: 'Exchange', Server: 'mydomain.com', Protocol: SMTP, Port: 25, Secure(SSL): No, Socket Error: 10060, Error Number: 0x800CCC0E
Both mail.mydomain.com and mydomain.com don't work. Yet when I send mail.
Mmm, now having typed all this I have tried an experiment. I changed the incoming and outgoing on Outlook Express to the local IP 10.1.0.2 (and I'm behind the network now) and I get the same error as just mentioned. This leads me to think that something is not right with sending Exchange and sending POP mail, period?? I'm baffled now.
Regards.
-
Well I have solved the problem sort of.
I changed the gateway on my computer to the SME gateway (the same one doing all the mail stuff). The other gateway is a Watchguard gateway. When I set it to the Watchguard it fails as described; however, when I set it to the SME as gateway it works.
Not sure why. POP is open on Watchguard?
-
I changed the gateway on my computer to the SME gateway (the same one doing all the mail stuff). The other gateway is a Watchguard gateway. When I set it to the Watchguard it fails as described; however, when I set it to the SME as gateway it works.
Not sure why.
Portforwarding via NAT can only work if the return traffic passes through the NAT device. Therefore, the NAT device must be the default gateway for the device being forwarded to.
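The return-path requirement stated in the reply above, as an added simulation that is not part of the original thread. 10.1.0.2 is the Exchange address from the thread; the public addresses, the client port and all class and function names are constructed for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class Gateway:
    """Gateway doing destination NAT (port forwarding) with a connection table."""
    def __init__(self, public_ip, forwards):
        self.public_ip = public_ip
        self.forwards = forwards   # {public_port: (internal_ip, internal_port)}
        self.conntrack = {}        # flow seen inbound -> public port it arrived on

    def inbound(self, pkt):
        ip, port = self.forwards[pkt.dport]
        self.conntrack[(pkt.src, pkt.sport, ip, port)] = pkt.dport
        return replace(pkt, dst=ip, dport=port)

    def outbound(self, pkt):
        # Only the gateway that rewrote the inbound packet can undo the rewrite.
        public_port = self.conntrack.get((pkt.dst, pkt.dport, pkt.src, pkt.sport))
        if public_port is None:
            # No state for this flow. A real firewall would drop or masquerade
            # the packet; either way the source is not the address the client dialed.
            return pkt
        return replace(pkt, src=self.public_ip, sport=public_port)

def client_accepts(syn, reply):
    """A TCP client only accepts a reply that mirrors the 4-tuple it connected to."""
    return (reply.src, reply.sport, reply.dst, reply.dport) == \
           (syn.dst, syn.dport, syn.src, syn.sport)

def pop3_handshake(forwarder, server_default_gw):
    """True if the SYN-ACK reaches the client looking like it came from the forwarder."""
    syn = Packet("198.51.100.7", 40000, forwarder.public_ip, 110)   # constructed client
    at_server = forwarder.inbound(syn)
    synack = Packet(at_server.dst, at_server.dport, at_server.src, at_server.sport)
    return client_accepts(syn, server_default_gw.outbound(synack))

# Constructed addresses: the forwarding gateway and a second, unrelated gateway.
sme = Gateway("203.0.113.10", {110: ("10.1.0.2", 110)})
other = Gateway("203.0.113.20", {})

if __name__ == "__main__":
    print("reply via forwarding gateway:", pop3_handshake(sme, sme))    # connection completes
    print("reply via the other gateway: ", pop3_handshake(sme, other))  # connection fails
```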
-
Fleshing out what you're saying (because it's at the edge of my knowledge, and even that I may have wrong)..
I believe NAT basically keeps track of IPs in and out. It matches what is coming back in with who asked for it. Matching outside IPs with inside IPs.
Port forwarding changes the IPs. This prevents it from working.
I will try it from home and see if I get the same error.
-
At home it does not work either. Interestingly, people have reported that they can send mail within the domain using this POP method, e.g. anotheremail@mydomain.com
Another interesting point is that if I use smtp10.bellnet.ca I can send mail out. However at home this does not work.
Is there any other solution that anyone can think of to get this to work for anyone no matter where they are coming in from?
The goal of this is actually to get some cell phone users to be able to pick up mail.
thanks.
-
steve288
Charlie gave you the answer, i.e.
"Therefore, the NAT device must be the default gateway for the device being forwarded to."
You said this does work OK if you use the sme server as gateway.
-
Unfortunately it does not work if you're outside the network.
Anyway, we can consider this topic as closed.
Regards
-
I have this configuration working on several networks; you should be able to make it work.
There are lots and lots (and lots) of variables involved; if you want help nailing down a configuration that will definitely work for you I'd need to know more about how your network is currently configured.
My first guess is that you need to get smtp-over-ssl working on your exchange box, then forward the appropriate ports for this from your watchguard to your exchange. This becomes tricky because Microsoft wants to use TLS on port 25 -- which then conflicts with the firewall rule routing inbound smtp traffic through your SME for spam filtering. You can get around this by creating a firewall rule that forwards a different port (eg 2525) to port 25 on the exchange server, or by adding a new port to the exchange server smtp instance, or by creating a new smtp instance on the exchange server that only supports ssl connections (not tls) - then configuring the remote users to use the appropriate settings.
You can also get around it by creating a single "smtprelay" user on your SME box, then configuring all of your remote users to use authenticated smtp relay through your SME box using the specified "smtprelay" account credentials (assuming you don't want to re-create all of the exchange users on the sme server).
You will also want to make sure that your DNS is configured so that you can use a single name for the mail server both internally and externally - so that you can configure a client in the office, then take it off-site and have it still work with no configuration changes. This amounts to creating a single DNS entry on your LAN DNS server for the mail server, which can be tricky (in Active Directory, for example, create a new *domain* named "mailserver.publicdomain.tld", then point the "@" record for this "domain" to the LAN ip for the mail server - this gets "mailserver.publicdomain.tld" working from the LAN without breaking "webserver.publicdomain.tld" - which is still passed to the public dns servers).
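The relay decision behind the "550 Relaying denied" response earlier in the thread, and the authenticated "smtprelay" approach from the post above, as an added model (not SME Server's or Exchange's code). The LAN range around 10.1.0.2, the password, the client addresses and the class name are assumptions; requiring TLS before AUTH is an added hardening choice using the RFC 4954 reply codes.

```python
import hmac
import ipaddress

LOCAL_DOMAINS = {"mydomain.com"}                      # placeholder domain used in the thread
TRUSTED_NETS = [ipaddress.ip_network("10.1.0.0/24")]  # assumed LAN range around 10.1.0.2
RELAY_USERS = {"smtprelay": "constructed-secret"}     # account name from the post, constructed password

class SmtpSession:
    """Minimal model of one client connection to a relay-restricted SMTP server."""
    def __init__(self, client_ip, tls=False):
        self.client_ip = ipaddress.ip_address(client_ip)
        self.tls = tls
        self.user = None

    def auth(self, user, password):
        # Refuse credentials on a cleartext session so they never cross the
        # Internet unencrypted.
        if not self.tls:
            return "538 5.7.11 Encryption required for requested authentication mechanism"
        if not hmac.compare_digest(RELAY_USERS.get(user, ""), password):
            return "535 5.7.8 Authentication credentials invalid"
        self.user = user
        return "235 2.7.0 Authentication successful"

    def rcpt(self, address):
        domain = address.rsplit("@", 1)[-1].lower()
        if domain in LOCAL_DOMAINS:
            return "250 OK"  # final delivery for a hosted domain, not relaying
        if self.user or any(self.client_ip in net for net in TRUSTED_NETS):
            return "250 OK"  # relaying allowed for authenticated or LAN clients
        return "550 Relaying denied (#5.7.1)"

if __name__ == "__main__":
    remote = SmtpSession("198.51.100.7")                 # constructed off-site client
    print(remote.rcpt("anotheremail@mydomain.com"))      # in-domain recipient is accepted
    print(remote.rcpt("some@email.com"))                 # outside recipient is refused
    secure = SmtpSession("198.51.100.7", tls=True)
    print(secure.auth("smtprelay", "constructed-secret"))
    print(secure.rcpt("some@email.com"))                 # accepted after authentication
```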
-
zlatan: fie upon you, forum spammer! Begone!
Post by zlatan referred above has been deleted.