Knowledge Base & Forums/Google Apps/Postini - Filtering/Archiving/Spam

GMS/Postini How to Lock Inbound SMTP on Exchange 2003/2007

Michael
posted this on June 23, 2011 03:17 pm

How do I lockdown my Exchange 2003 Mail Server?
Do NOT make these changes until the DNS Changes have fully propagated for at least 48-72 hours and your mail is being filtered through Postini Data Centers
  • Open up Exchange System Manager
  • Double click the following icons, Servers, Mail Server Name, SMTP
  • Rick Click and select Properties for 'Default SMTP Virtual Server'
  • Click the 'Access' Tab
  • Click Connections
  • Click 'Only the List Below' Which only allows the following IP addresses to use the SMTP Resource
  • Click Add - group of Computers
  • Subnet Address: 64.18.0.0 Subnet Mask 255.255.240.0 (Postini Mail Server)
  • Send a test message from an outside email address (Gmail, Yahoo!, etc...)
NOTE: These changes should be applied instantly with no need to restart any services. If you see the changes not taking effect then you may need to restart Exchange services to force the changes.

 

How do I lockdown my Exchange 2007 Mail Server?
Do NOT make these changes until the DNS Changes have fully propagated for at least 48-72 hours and your mail is being filtered through Postini Data Centers
  • Open the Exchange Management Console
  • Expand Server Configuration, then select Hub Transport
  • Select the Network tab and at the bottom where it says "Receive mail from remote servers that have these IP addresses:"
  • Select Add and the select IP and Mask
  • Enter 64.18.0.0 with subnet mask of 255.255.240.0
  • By default the connector will have 0.0.0.0 - 255.255.255.255 as an allowed IP range, this basically opens the server up to anyone so this will need to be removed.                      
  • Send a test message from an outside email address (Gmail, Yahoo!, etc...)
NOTE: These changes should be applied instantly with no need to restart any services. If you see the changes not taking effect then you may need to restart Exchange services to force the changes.
 
Topic is closed for comments