- Now that the SMTP service is installed, open the Internet Information Services Manager and navigate through the console tree to your server -> Default SMTP Virtual Server.
- Right click on the Default SMTP Virtual Server and select Properties.
- Select the General tab and locate the IP Address dropdown list.
- Choose the IP address bound to the NIC that is connected to your internal network.
- Now, select the Access tab and click the Relay button.
- Deselect the 'Allow Computers Which Successfully Authenticate To Relay' checkbox, and click OK.
- Click OK again to return to the main IIS Manager console screen.
- Expand the Default SMTP Virtual Server container to reveal the containers beneath it.
- Right click on the Domains container and select New -> Domain. This will launch the New SMTP Domain Wizard.
- The wizard's initial screen asks what type of domain you want to create. Select the Remote option and click Next.
- At this point, you must enter the domain name that your Exchange organization uses. For example, my domain name is brienposey.com. All SMTP mail entering my domain bears an address of email@example.com. Therefore, I would enter brienposey.com as the domain name. After entering your domain name, click Finish.
- At this point, you will see the domain name you entered added to the pane on the right. Double click on the domain name to access its properties sheet.
- Select the 'Allow Incoming Mail to be Relayed to this Domain' checkbox. (Normally, you don't want people to be able to relay mail through your servers, but in this case it is essential.)
- Now specify a smart host address. A smart host is a machine that will relieve the current server of the burden of processing SMTP mail.
In this case, we want SMTP mail to be filtered by the ISA Server, but to ultimately be processed by the Exchange server. You must therefore enter the Exchange server's IP address. The catch is that the IP address must be surrounded by brackets. For example, the address would look something like this: [192.168.1.1]
How to use an ISA Server as an SMTP filter
Install the SMTP service
Configure the Internet Information Server
Install ISA Server 2004
Create an SMTP publishing rule
Create a DNS publishing rule
Configure the message screener
Change your DNS server's MX record
About the author
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as the CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies.
This tip originally appeared on SearchSecurity.com.
Dig deeper on Application security and data protection