Non Standard Edge Server to Exchange Site Requirement
Background:

MX records pointing to external mail host for archive, spam, content filtering and virus checking. Port 25 inbound/outbound only allowed to and from external host.

Need to have all email between my mail servers and external site be encrypted (TLS). External site will also allow encrypted email to the internet for sensitive information in emails.

I need email between Edge Server and Hub Transport to be non-secure instead of standard encrypted method with Edge subscription. Reason for this: we have intrusion detection hardware in place to scan all web-bound traffic for sensitive information to prevent it from being sent to the internet unencrypted. This is the only place where I can tap the SMTP traffic before it is sent TLS to the external mail host.

Current setup in test environment: Windows 2008, Exchange 2007 SP1 latest RU
Server1 - MBX, HUBT roles
Server2 - Edge role
Edge subscription not set up.

I have followed TechNet article -
How to Configure Mail Flow Between an Edge Transport Server and Hub Transport Servers Without Using EdgeSync
with one exception: for the send connector for inbound I have changed the settings on the "Configure smart host authentication settings" page from "Basic Authentication" and "Basic Authentication over TLS" to "Externally Secured", and the same setting for the internal Receive connector.

When I send a test message, the message sits in the Edge server queue with an undeliverable, never being sent to the MBX server.

Any ideas if this can truly be done, or any other way to try to easily make this scenario work?
May 1st, 2009 10:05pm
Hi,

Was the accepted domain configured on the Edge server? Additionally, did any error message come up in the queue or event log on the Edge server?

Please test whether you can telnet to the Hub server on port 25 to send the test email directly.

Thanks
Allen
May 5th, 2009 1:27pm