
Ironport as Smarthost for Exchange

I'm trying to set up the Ironport as a Smarthost for my Exchange server. I've set up the Ironport according to the following instructions I found on a post here (see below). When I send an e-mail it gets bounced with the following message - "<ironport>". Below are the entries from the log.

Fri Aug 1 14:55:15 2008 Info: New SMTP ICID 1534143 interface Management (10.1.255.48) address 10.1.255.30 reverse dns host unknown verified no
Fri Aug 1 14:55:15 2008 Info: ICID 1534143 RELAY SG Exchange match 10.1.255.30-31 SBRS rfc1918
Fri Aug 1 14:55:15 2008 Info: Start MID 133540 ICID 1534143
Fri Aug 1 14:55:15 2008 Info: MID 133540 ICID 1534143 From: <Doug>
Fri Aug 1 14:55:15 2008 Info: MID 133540 ICID 1534143 RID 0 To: <dadockter>
Fri Aug 1 14:55:15 2008 Info: MID 133540 Message-ID '<0C4A10F36EA3674CAE378A13BC44ED67021FCE46>'
Fri Aug 1 14:55:15 2008 Info: MID 133540 Subject 'test e-mail'
Fri Aug 1 14:55:15 2008 Info: MID 133540 ready 4754 bytes from <Doug>
Fri Aug 1 14:55:15 2008 Info: MID 133540 matched all recipients for per-recipient policy DEFAULT in the outbound table
Fri Aug 1 14:55:15 2008 Info: ICID 1534143 close
Fri Aug 1 14:55:15 2008 Info: MID 133540 interim AV verdict using Sophos CLEAN
Fri Aug 1 14:55:15 2008 Info: MID 133540 antivirus negative
Fri Aug 1 14:55:15 2008 Info: MID 133540 queued for delivery
Fri Aug 1 14:55:15 2008 Info: New SMTP DCID 65814 interface 10.1.255.48 address 10.1.255.30 port 25
Fri Aug 1 14:55:15 2008 Info: Delivery start DCID 65814 MID 133540 to RID [0]
Fri Aug 1 14:55:15 2008 Info: Bounced: DCID 65814 MID 133540 to RID 0 - Bounced by destination server with response: 5.1.0 - Unknown address error ('550', ['5.7.1 Unable to relay for dadockter@comcast.net'])
Fri Aug 1 14:55:15 2008 Info: Start MID 133541 ICID 0
Fri Aug 1 14:55:15 2008 Info: MID 133541 was generated for bounce of MID 133540
Fri Aug 1 14:55:15 2008 Info: MID 133541 ICID 0 From: <>
Fri Aug 1 14:55:15 2008 Info: MID 133541 ICID 0 RID 0 To: <Doug>
Fri Aug 1 14:55:15 2008 Info: MID 133541 ready 5994 bytes from <>
Fri Aug 1 14:55:15 2008 Info: MID 133541 queued for delivery
Fri Aug 1 14:55:15 2008 Info: Message finished MID 133540 done




Create a new mail flow policy as follows:
- Go to 'Mail Policies -> HAT overview' link in GUI.
- Select the Mail Flow Policies link, beneath the HAT Overview.
- Click the Add Policy button.
- Name the policy.
- Set Connection Behavior to RELAY.
- In the Security Features, turn on Virus Protection and disable Spam Protection.
- Submit and commit changes.

Create a new sendergroup as follows:
- Go to 'Mail Policies -> HAT overview' link in GUI.
- Add a new Sender Group and set the order # to 1. Associate the new mail flow policy (created above) to this sendergroup.
- Submit and commit changes.

Now click on the new sendergroup and add the ip address of the exchange server to this sendergroup. Once again, submit and commit changes.


Are you trying to relay from your Exchange account or your comcast account?... or are they one and the same.

If you telnet from your exchange server to the ironport on port 25 and issue the helo command, do you get an error kicked back?

Chris

BTW... These are the settings I have for my Relay policy which is tied to my RelayList Sender Group (which contains the IPs of my Exchange backend boxes).

[img:7b59a1d635]http://users.ctinet.net/cki/ironport/post2/1.jpg[/img:7b59a1d635]

[img:7b59a1d635]http://users.ctinet.net/cki/ironport/post2/2.jpg[/img:7b59a1d635]

[img:7b59a1d635]http://users.ctinet.net/cki/ironport/post2/3.jpg[/img:7b59a1d635]

Chris

I was sending an e-mail to the comcast account from my Exchange server. My policy settings are identical to yours as far as I can see.

Try this out:

Telnet to your IronPort on port 25 from your exchange server and go through the following commands

telnet 10.1.255.48 25
helo
mail from: you@yourdomain.com
rcpt to: dadockter@comcast.net
data
Test
.

After the period hit enter and see if you get the test email to your comcast account. Also check if there are any errors kicked back by the IronPort during the process of manually sending an email.

Connecting To 10.1.255.48...Could not open connection to the host, on port 25: Connect failed

10.1.255.48 is the IP address tied to your mail listener on the IronPort correct?

Yes. And I'm using the same listener for incoming and outgoing mail. I'd include a screen shot of the settings, but I haven't quite figured out how to do that.


Hmmm, that's odd. You should at least be able to telnet the ironport on port 25, especially since it looks like your exchange server is on the same subnet.

Are you able to telnet to the ironport on port 25 from your desktop / laptop?

McAfee AV was preventing me from making the Telnet connection. I disabled it and was able to send but am still getting the below message. Even tried a different dest. account.

Your message did not reach some or all of the intended recipients.

Subject:

The following recipient(s) cannot be reached:

dadockter@gmail.com on 8/4/2008 11:55 AM
The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.

Did you ever get this figured out?

If not, I would verify you have firewall rules in place to allow connections both from and to the ironport on port 25 for smtp traffic.

Ran into that issue a little while ago on an eval install I was doing for a customer.

I had to add the IP address of the IronPort to the Relay Restrictions list in the Exchange default SMTP Virtual Server properties.

Sounds good - just wanted to make sure you got it resolved.

Hope all is well with the box.

Well I thought I had this working. I'm attempting to go live with it tonight, but the outgoing e-mails from Exchange are getting stuck in the SMTP queue. Ironport shows the following:

Tue Aug 19 17:45:06 2008 Info: Start MID 143332 ICID 1638975
Tue Aug 19 17:45:06 2008 Info: MID 143332 ICID 1638975 From:
Tue Aug 19 17:45:06 2008 Info: MID 143332 ICID 1638975 RID 0 To:
Tue Aug 19 17:45:06 2008 Info: MID 143332 Message-ID '<6d7f9ea20808191545s66c2ef36ld9df0536b30213a6>'
Tue Aug 19 17:45:06 2008 Info: MID 143332 Subject '5:45 email test from gmail'
Tue Aug 19 17:45:06 2008 Info: MID 143332 ready 2032 bytes from
Tue Aug 19 17:45:06 2008 Info: MID 143332 matched all recipients for per-recipient policy DEFAULT in the inbound table
Tue Aug 19 17:45:06 2008 Info: MID 143332 interim verdict using engine: CASE spam negative
Tue Aug 19 17:45:06 2008 Info: MID 143332 using engine: CASE spam negative
Tue Aug 19 17:45:06 2008 Info: MID 143332 interim AV verdict using Sophos CLEAN
Tue Aug 19 17:45:06 2008 Info: MID 143332 antivirus negative
Tue Aug 19 17:45:06 2008 Info: MID 143332 queued for delivery
Tue Aug 19 17:45:06 2008 Info: New SMTP DCID 71857 interface 10.1.255.48 address 10.1.255.30 port 25
Tue Aug 19 17:45:06 2008 Info: Delivery start DCID 71857 MID 143332 to RID [0]
Tue Aug 19 17:45:06 2008 Info: Message done DCID 71857 MID 143332 to RID [0]
Tue Aug 19 17:45:06 2008 Info: MID 143332 RID [0] Response '2.6.0 <6d7f9ea20808191545s66c2ef36ld9df0536b30213a6> Queued mail for delivery'
Tue Aug 19 17:45:06 2008 Info: Message finished MID 143332 done
Tue Aug 19 17:45:12 2008 Info: DCID 71857 close

kluu_ironport
Level 2

In the example below, it looks like From: going To: was accepted and processed successfully by the IronPort appliance as inbound traffic.

The reason why you can tell it's inbound (Internet into your network) is because of this entry in the provided logs:

Tue Aug 19 17:45:06 2008 Info: MID 143332 matched all recipients for per-recipient policy DEFAULT in the inbound table


The IronPort scanned it okay and delivered it to the mailserver (which I assume is an Exchange server). The lines below tell us that it got delivered successfully. Is your mailserver 10.1.255.30? The IronPort appears to have the IP of 10.1.255.48.

Tue Aug 19 17:45:06 2008 Info: New SMTP DCID 71857 interface 10.1.255.48 address 10.1.255.30 port 25
...
...
Tue Aug 19 17:45:06 2008 Info: MID 143332 RID [0] Response '2.6.0 <6d7f9ea20808191545s66c2ef36ld9df0536b30213a6> Queued mail for delivery'



If this wasn't the desired result, please grep on this, "ICID 1638975" to get info on where the connection came from.

grep -i "ICID 1638975" mail_logs


This doesn't appear to be outbound traffic. Try searching for this:

grep -i "outbound table" mail_logs



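The log correlation described in the reply above (ICID for the incoming connection, the inbound/outbound table line for direction, DCID for the delivery attempt), as an added example that is not part of the original thread. The function name `trace` and the regular expressions are assumptions derived from the log lines quoted on this page; the sample input is an excerpt of those lines. It also flags a message whose delivery goes back to the address it was submitted from.

```python
import re

# Excerpt of the mail_logs lines quoted in this thread (both test messages).
SAMPLE = """\
Fri Aug 1 14:55:15 2008 Info: New SMTP ICID 1534143 interface Management (10.1.255.48) address 10.1.255.30 reverse dns host unknown verified no
Fri Aug 1 14:55:15 2008 Info: Start MID 133540 ICID 1534143
Fri Aug 1 14:55:15 2008 Info: MID 133540 matched all recipients for per-recipient policy DEFAULT in the outbound table
Fri Aug 1 14:55:15 2008 Info: New SMTP DCID 65814 interface 10.1.255.48 address 10.1.255.30 port 25
Fri Aug 1 14:55:15 2008 Info: Delivery start DCID 65814 MID 133540 to RID [0]
Fri Aug 1 14:55:15 2008 Info: Bounced: DCID 65814 MID 133540 to RID 0 - Bounced by destination server with response: 5.1.0 - Unknown address error ('550', ['5.7.1 Unable to relay for dadockter@comcast.net'])
Tue Aug 19 17:45:06 2008 Info: Start MID 143332 ICID 1638975
Tue Aug 19 17:45:06 2008 Info: MID 143332 matched all recipients for per-recipient policy DEFAULT in the inbound table
Tue Aug 19 17:45:06 2008 Info: New SMTP DCID 71857 interface 10.1.255.48 address 10.1.255.30 port 25
Tue Aug 19 17:45:06 2008 Info: Delivery start DCID 71857 MID 143332 to RID [0]
Tue Aug 19 17:45:06 2008 Info: Message done DCID 71857 MID 143332 to RID [0]
"""
# Line shapes assumed from the excerpt above; other log versions may differ.
PATTERNS = {
    "conn":   re.compile(r"New SMTP (ICID|DCID) (\d+) interface .*? address (\S+)"),
    "start":  re.compile(r"Start MID (\d+) ICID (\d+)"),
    "table":  re.compile(r"MID (\d+) matched all recipients .* in the (inbound|outbound) table"),
    "deliv":  re.compile(r"Delivery start DCID (\d+) MID (\d+)"),
    "bounce": re.compile(r"Bounced: DCID \d+ MID (\d+) .*response: (.*)$"),
    "done":   re.compile(r"Message done DCID \d+ MID (\d+)"),
}

def trace(log_text):
    """Return {MID: summary}; loops_back is True when mail is delivered to its own source."""
    conn, msgs = {}, {}
    for line in log_text.splitlines():
        kind, m = next(((k, p.search(line)) for k, p in PATTERNS.items() if p.search(line)), (None, None))
        if kind == "conn":
            conn[(m[1], m[2])] = m[3]          # remote address per ICID / DCID
        elif kind == "start":
            msgs[m[1]] = {"source": conn.get(("ICID", m[2])), "direction": None, "dest": None, "result": None}
        elif kind == "table" and m[1] in msgs:
            msgs[m[1]]["direction"] = m[2]
        elif kind == "deliv" and m[2] in msgs:
            msgs[m[2]]["dest"] = conn.get(("DCID", m[1]))
        elif kind == "bounce" and m[1] in msgs:
            msgs[m[1]]["result"] = "bounced: " + m[2]
        elif kind == "done" and m[1] in msgs:
            msgs[m[1]]["result"] = "delivered"
    for s in msgs.values():
        s["loops_back"] = s["source"] is not None and s["source"] == s["dest"]
    return msgs

if __name__ == "__main__":
    print(trace(SAMPLE))
```

A `source` of `None` means the "New SMTP ICID" line for that connection is not in the input, which is the case the reply's `grep -i "ICID 1638975" mail_logs` is meant to resolve.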
