HPE Community
BackOffice Products
1826639 Members
3255 Online
109695 Solutions
New Discussion

Exchange administrator configuration question`

 
Steven E. Protter
Exalted Contributor

‎06-24-2004 11:33 AM

‎06-24-2004 11:33 AM

Exchange administrator configuration question`

Exchange 5.5 internal office server.

Office owns an domain hosted at my corporate offices.

So users have their internal system which properly resolves and sends outbound mail.

Inbound mail has worked by the user Exchange setup connecting to the domain server and pulling their mail in via pop2 or pop3.

Imap is set up on the domain server so that squirrelmail(web mail for NUTS) works.

Everything was hunky dory until one of the users violated Internet use policy. I was told to shut access to the Internet. I achieved this taking the gateway out of the workstations network configuration.

Well, you guessed it, no more popmail for inbound mail.

The office is DHCP so there really is no way to push the mail to the exchange server on the inside of this office.

That was the story. Here is the question: Is there a way to configure exchange administrator so it talks the domain/web/mail server and gets the mail that way?

I would need a document an detailed proceudre and I can't find anything at support.microsoft.com

A bunny for a solution.

A point or so for every attempt to help.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
9 REPLIES 9
Norman_21
Honored Contributor

‎06-24-2004 01:39 PM

‎06-24-2004 01:39 PM

Re: Exchange administrator configuration question`

Hi Steven,

Depending on the DNS server setup in the network, I would remove either the DNS IP from the Clients TCP/IP or disable the DNS Recursive in the DNS Server so that the clients will be unable to get on the web!

I will get back to you with an Exchange 5.5 cook book.

"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003
0 Kudos
Norman_21
Honored Contributor

‎06-24-2004 01:50 PM

‎06-24-2004 01:50 PM

Re: Exchange administrator configuration question`

Hi again,

My point in my previous post was to keep the gateway and remove the DNS. Try it with one client and see how it goes!

Here is a good documentation:
http://www.microsoft.com/exchange/en/55/help/default.asp

http://support.microsoft.com/default.aspx?scid=%2fsupport%2fexchange%2fcontent%2ffaqs%2fxadmfaq.asp

http://www.microsoft.com/exchange/support/lifecycle/Changes.asp

Hope this help
"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003
0 Kudos
Ganesh Babu
Honored Contributor

‎06-25-2004 02:19 AM

‎06-25-2004 02:19 AM

Re: Exchange administrator configuration question`

Hi SEP,
Are u looking for hot to setup the outlook web access.. thru which employees can access their mails & send mails thru web browser itself???

Ganesh
0 Kudos
Norman_21
Honored Contributor

‎06-25-2004 09:35 PM

‎06-25-2004 09:35 PM

Re: Exchange administrator configuration question`

Steve,
Look under Internet Mail Services.

Server Operations

Before You Begin

Before you install the Internet Mail Service, you should review the following list to ensure you have the environment configured correctly and you have the information needed to complete the Internet Mail wizard.

For improved security and performance, the Internet Mail Service should be run on a Microsoft Windows NT Server using Windows NT file system (NTFS) rather than a file allocation table (FAT) file system.
Know the addressing scheme for your organization.
Determine the SMTP address for the site.
Determine the address space the Internet Mail Service will service.
Identify a recipient who will receive notifications if the Internet Mail Service fails.
Obtain the host name and domain name of the computer on which the Internet Mail Service will be installed.
Determine whether Domain Name System (DNS) will be used to provide host and domain name-to-Internet Protocol (IP) address resolution.
Obtain the IP address of DNS servers or the SMTP hosts that will service the Internet Mail Service.

http://www.microsoft.com/exchange/en/55/help/default.asp

"Attitudes are contagious, is yours worth catching"/ My first point was given by SEP on January 31, 2003
0 Kudos
Steven E. Protter
Exalted Contributor

‎06-28-2004 07:00 AM

‎06-28-2004 07:00 AM

Re: Exchange administrator configuration question`

We don't run IIS for security reasons.

Gotta put this on hold for foriegn travel.

Assigning points, I'll kick it back up when I havve time(2 weeks).

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
David Holbrook
Regular Advisor

‎06-29-2004 07:54 AM

‎06-29-2004 07:54 AM

Re: Exchange administrator configuration question`

How about a little more info? Were you told to remove user acess to the internet, or all internet (i.e., mail, etc.)access? If you have to block all access, then you do not need the Internet interface either!
Is the Exchange server on a fixed legal internet address to receive outside mail?

Is the exchange server your pop server, or is another system the pop server?

If the exchange server is assigned a fixed IP (from the outside) and on an internal (not dhcp assigned) fixed address, then simply have the firewall direct all mail traffic ports directly to the exchange server internal address. Users will then still receive and be able to send mail outside. You can block all other internet access traffic easily at the firewall (block the entire DHCP range of addresses for outgoing and incoming)as a simple solution.

Keep your admin systems and servers on fixed addresses so you can still access the outside, and tightly restrict the number of fixed internal addresses to deny internal users from being inventive too.

IF you are using WINS internally, you can remove the DNS addresses from the DHCP assignment to also keep then from being able to resolve addresses and users will still find each other internally. I would not try to use only this to be an effective block because there will always be some smart users that will bring in their DNS addresses from home to use, so you will also have to totally block them from access to setting any of the network entries on their systems also.

HTH

David
0 Kudos
Steven E. Protter
Exalted Contributor

‎07-23-2004 06:57 AM

‎07-23-2004 06:57 AM

Re: Exchange administrator configuration question`

The user has access to the Exchange server, which means incoming internal mail works.

Because we cut off the net, popmail fails.

It would be nice to configure the exchange server to go out and get the guy's popmail, but there is really no way I can see to do it.

The problem to be honest is the user is browsing sites that are inappropriate but needs good email access to do his job.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
David Holbrook
Regular Advisor

‎07-23-2004 10:08 AM

‎07-23-2004 10:08 AM

Re: Exchange administrator configuration question`

Sep,

If all users are on DHCP, then block the entire DHCP address range for outward traffic at the firewall, and if you do not have a firewall, then you have even bigger problems! :)

At the firewall allow all mail to the two mail ports to be passed to the Exchange server only (that needed for SMTP and POP3), which then allows the mail server to access the internet (and it needs a fixed address, not part of your DHCP range, and has to know the gateway address or it will not be able to fine the internet either. This way you block all DHCP users from access, but allow the mail to get through.

You also need to provide internet access for specific Administrator systems (which will need fixed IP addresses!), or else you can not get the periodic security updates downloaded either. These using specific systems should be restricted so that only the administrators can log on locally or from the network to allow this function.

HTH,

David
0 Kudos
Steven E. Protter
Exalted Contributor

‎07-26-2004 04:18 AM

‎07-26-2004 04:18 AM

Re: Exchange administrator configuration question`

Good idea.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.