We recently installed a spam filter and needed to change our config to have smtp sent to the spam filter instead of exchange.
Original config:
Conduit permit tcp host 208.50.xx.xxx eq pop3 any
Conduit permit tcp host 208.50.xx.xxx eq smtp any
Conduit permit tcp host 208.50.xx.xxx eq Alias (inside) xxx.xx.0.9 208.50.xx.xxx 255.255.255.255
Static (inside,outside) 208.50.xx.xxx xxx.xx.0.9 netmask 255.255.255.255 0 0
Changed config:
Conduit permit tcp host 208.50.xx.xxx eq pop3 any
Conduit permit tcp host 208.50.xx.xxx eq smtp any
Conduit permit tcp host 208.50.xx.xxx eq Alias (inside) xxx.xx.0.9 208.50.xx.xxx 255.255.255.255
Static (inside,outside) tcp 208.50.xx.xxx 255.255.255.255 0 0
Static (inside,outside) tcp 208.50.xx.xxx smtp xx.xx.0.9 smtp netmask 255.255.255.255 0 0
Static (inside,outside) tcp 208.50.xx.xxx pop3 xxx.xx.0.9 pop3 netmask 255.255.255.255 0 0
We have users in exchange that use the Delivery options in exchange to also send mail to an alternate recipient (an external aol account). Since making this change, this option does not work and the sender receives an undeliverable reply for the alternate recipient as follows:
Unable to deliver the message due to a communications failure
The MTS-ID of the original message is: c=us;a= ;p=fmfc;l=EXCHANGE0407271516P3XVSJ0J
MSEXCH:IMS:FMFC:FMFC:EXCHANGE 3550 (000B09AA) 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE
I think it is getting confused because it needs to send this out smtp and it tries to send it to the spam filter which is inbound only.
Does anyone know a way to change the pix to be able to allow inbound to the spam filter, but be able to send to alternate recipients not through it?
Thanks - Kristi
Original config:
Conduit permit tcp host 208.50.xx.xxx eq pop3 any
Conduit permit tcp host 208.50.xx.xxx eq smtp any
Conduit permit tcp host 208.50.xx.xxx eq Alias (inside) xxx.xx.0.9 208.50.xx.xxx 255.255.255.255
Static (inside,outside) 208.50.xx.xxx xxx.xx.0.9 netmask 255.255.255.255 0 0
Changed config:
Conduit permit tcp host 208.50.xx.xxx eq pop3 any
Conduit permit tcp host 208.50.xx.xxx eq smtp any
Conduit permit tcp host 208.50.xx.xxx eq Alias (inside) xxx.xx.0.9 208.50.xx.xxx 255.255.255.255
Static (inside,outside) tcp 208.50.xx.xxx 255.255.255.255 0 0
Static (inside,outside) tcp 208.50.xx.xxx smtp xx.xx.0.9 smtp netmask 255.255.255.255 0 0
Static (inside,outside) tcp 208.50.xx.xxx pop3 xxx.xx.0.9 pop3 netmask 255.255.255.255 0 0
We have users in exchange that use the Delivery options in exchange to also send mail to an alternate recipient (an external aol account). Since making this change, this option does not work and the sender receives an undeliverable reply for the alternate recipient as follows:
Unable to deliver the message due to a communications failure
The MTS-ID of the original message is: c=us;a= ;p=fmfc;l=EXCHANGE0407271516P3XVSJ0J
MSEXCH:IMS:FMFC:FMFC:EXCHANGE 3550 (000B09AA) 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE
I think it is getting confused because it needs to send this out smtp and it tries to send it to the spam filter which is inbound only.
Does anyone know a way to change the pix to be able to allow inbound to the spam filter, but be able to send to alternate recipients not through it?
Thanks - Kristi