Answer
PROBLEM
After setting up an additional domain and adding GFI MailEssentials to a separate machine to Exchange, GFI MailEssentials appears to be rejecting the emails.
ENVIROMENT
- GFI MailEssentials
- Microsoft Windows Server 2003
SOLUTION
First, create SMTP domain(s) for email relaying
- Go to Start > Control Panel > Administrative Tools.
- Click on Internet Information Services (IIS) 6.0 Manager
- In the left pane, expand the respective server node. Right click on Default SMTP Virtual Server and select Properties.
- Select the IP address currently assigned to your SMTP server and click OK.
- Expand the Default SMTP Virtual Server node
- Right click Domains and select New > Domain.
- Select the Remote option and click Next.
- Specify domain name (e.g. test.gfi.com) and click Finish.
then, enable email relaying to your remote SMTP server:
- Right click on the new domain (e.g. test.gfi.com) and select Properties.
- Select the 'Allow the Incoming Mail to be Relayed to this Domain checkbox'
- Select the Forward all mail to smart host option and specify the IP address of the server managing emails in this domain. IP address must be enclosed in square brackets e.g. [123.123.123.123] so to exclude them from all DNS lookup attempts.
- Click OK to finalize your configuration.
once you've done that, it's important to secure your SMTP email-relay server. If unsecured, your mail relay server can be exploited and used as an open relay for spam. To avoid this from happening, it is recommended that you specifically define which mail servers can route emails through this mail relay server (i.e. allow only specific servers to use
this email relaying setup). To achieve this:
- Go to Start > Control Panel > Administrative Tools.
- Click on Internet Information Services (IIS) Manager.
- In the left pane, expand the respective server node. Right click on Default SMTP Virtual Server and select Properties.
- Click on the Access tab and select Relay
- Select the Only the list below option and click Add.
- Specify IP(s) of the mail server(s) that are allowed to route emails through your mail relay server. You can specify:
- Single computer - i.e. Authorize one specific machine to relay email through this server. Use the DNS Lookup button to lookup an IP address for a specific host.
- Group of computers - i.e. Authorize specific computer(s) to relay emails through this server.
- Domain - Allow all computers in a specific domain to relay emails through this server.
NOTE: The Domain option adds a processing overhead that can degrade SMTP service performance. This is due to the reverse DNS lookup processes triggered on all IP addresses (within that domain) that try to route emails through this relay server.