ISA Firewalls and MDaemon — Outbound SMTP Problems
QUESTION:
Dear Dr. Shinder,
First, I would like be sorry for inconvenient to you. But I hope you could share your great experience to me.
My name, Bong Benly (Mr.). Benly is my first name. I live and work in Cambodia. At my institution, we use MDaemon (9.0.6) as mail server. Since I installed ISA server 2004, we could not send email to outside, and could not receive email from outside too. All email to outsiders, were get stuck in MDaemon.
I checked for solution from MDaemon website, the answer is as below:
There is an application filter for SMTP in ISA that needs to be disabled. Visit www.isaserver.org for more configuration information.
I still have no idea to get it work. I hope to hear from you. Thank you for your time.
With my best regards,
Benly
ANSWER:
It seems strange that that the recommendation would be to disable the SMTP filter, since the SMTP filter provide vital security for published SMTP server. Keep in mind that the SMTP filter work only for Server Publishing Rules, not for outbound SMTP messages. So, for the techs at the MDaemon Web site to tell you to disable the SMTP filter to fix an outbound SMTP problem sounds ridiculous and indicates that they don’t understand how the ISA Firewall works, and they’re just guessing as to the nature of the problem.
The most common reasons for outbound mail to get “stuck” at the SMTP MTA include:
- DNS problems. The SMTP server can’t resolve the name of the destination SMTP servers
- Access Rule problems. You haven’t created a DNS server rule that allows outbound DNS, or you haven’t created a rule that allows outbound SMTP for the SMTP server
- ISP problems. The ISP doesn’t allow you to send outbound SMTP. They might require that you use their SMTP relay
Bottom line: The probability that a correctly configured ISA Firewall is blocking outbound SMTP messages from going through is infinitesimally small.
HTH,
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
Email: tshinder@isaserver.org
MVP — Microsoft Firewalls (ISA)
ZAHID HASEEB Says:
November 25th, 2006 at 2:06 am
Sir you have to publish your mdaemon at ISA 2004 thn make a rule with POP and SMTP protocol,source should be your ISA firewall and destination should be mdaemon because of this your outside traffic will come in Mdaemon.
and for your internal traffic to go outside you make a rule with the same protocol(SMTP and POP) with a source mdaemon and destination ISA firewall2004 this rule will make your all emails outside.
this solution is for: if your mdaemon is behind ISA 2004 firewall.
feel free to email me at z_haseeb@hotmail.com
KAMRAN Says:
November 29th, 2006 at 2:24 am
I have same Problem in my Organization and i have found too many solution about this problem but problem is still exit.
-I have Disable the STMP Filtring from ISA.
-I have Publish MDaemon Server on ISA Server and aslo create a Access Rule for SMTP.
I am trying to find out the solution of that problem if got some solution then i will send to solution for that solution but if you have some solution so please Reply Me.
Thanks and Regard
KAMRAN
kamworldpresi@yahoo.com.com
Alejandri Says:
November 7th, 2007 at 10:33 am
I live in Cuba, and my problem is that I have the Mdaemon server in the same machine that ISA Server is, then I can recieve Email form the outside, but I still can’t send emails to the outside, I was using Kerio Winroute Firewall, but the license has expired. I have done the folowwing rules and nothing:
1-From Localhost to External. Allow all outbound traffic
2-Form External to localhost, Allow pop3 and SMTP protocols only, //With this rule, I recieve Emails form the outside.
I don’t know what else could I do please can uds help me???
Thanks and Regard
Alejandro