Publishing SMTP Services in Forefront TMG 2010

Most organizations host their mail server themselves. Organizations use different types of mail servers, such as Microsoft Exchange, Lotus Domino, Sendmail, qmail, and MDaemon. This article covers publishing a third-party mail server (anything other than Microsoft Exchange) through Forefront TMG 2010. For this, it is recommended to use the Publish Non-Web Server Protocols wizard, found under Firewall Policy in the Tasks pane. If you are using Microsoft Exchange Server, use the Publish Mail Servers wizard to publish the SMTP service instead.

Publishing SMTP service involves the following two steps:

  • Publishing the internal SMTP server to the Internet: This step publishes the internal mail server on the external interface of the Forefront TMG 2010 Server so that it can listen for incoming SMTP requests from public SMTP servers.
  • Creating an access rule to allow outbound SMTP traffic to the Internet: This step configures the TMG 2010 Server to allow the internal SMTP server to communicate with external public mail servers for outgoing SMTP traffic.

Publishing the Internal SMTP Server to the Internet:

1. In the TMG Server Management console, click Firewall Policy, and then in Tasks in the right pane, click Publish Non-Web Server Protocols.

2. On the Welcome to the New Server Publishing Rule Wizard page, type Inbound Access to Internal SMTP Mail Server in the Server publishing rule name box, and then click Next.

3. On the Select Server page, type the Mail Server IP Address in the Server IP address box, and then click Next.

4. On the Select Protocol page, select SMTP Server from the drop-down menu, click Properties to confirm that the SMTP Server protocol is defined for the Inbound direction, and then click Next.

5. On the Network Listener IP Addresses page, select External in Listen for requests from these networks, and then click Next.

6. On the Completing the New Server Publishing Rule Wizard page, review the configuration and then click Finish. Click Apply, click Apply and click OK to save changes.

Creating an Access Rule to Allow Outbound SMTP Traffic to the Internet:

1. In the TMG Server Management console, right click Firewall Policy, click New and then click Access Rule.

2. On the Welcome to the New Access Rule Wizard page, type Allow outbound SMTP traffic to the Internet from Mail Server, and then click Next.

3. On the Rule Action page, select Allow and then click Next.

4. On the Protocols page, from the This rule applies to drop-down menu, select Selected protocols, click Add. On the Add Protocols dialog box, expand Common Protocols, select SMTP, click Add, click Close and then click Next.

5. On the Access Rule Sources page, click Add. In the Add Network Entities dialog box, expand Computers and check whether the host name of the SMTP Server is already defined. If it is defined, select the SMTP Server name, click Add, and then click Close. If it is not defined, click New in the Network Entities dialog box, and then click Computer. Type the host name and IP address of the internal SMTP Server and click OK.

6. Expand the Computers object, select the Mail Server, click Add, and then click Close.

7. On the Access Rule Sources page, confirm that Mail Server is listed under This rule applies to traffic from these sources, and then click Next.

8. On the Access Rule Destinations page, click Add, expand Networks, select External and click Add, click Close and then click Next.

9. On the User Sets page, select All Users and then click Next.

10. On the Completing the New Access Rule Wizard page, review the configuration and then click Finish. Click Apply, click Apply and then click OK to save changes and update the configuration.
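
Once both rules are applied, the published listener can be checked from a host on the Internet side with a short SMTP dialogue (banner, EHLO, QUIT). The script below is an added example and not part of the original article; the address 192.0.2.10 and the name probe.example.test are placeholders. Run from the internal mail server against an external mail host, the same check exercises the outbound access rule.

```python
import socket

def read_reply(rfile):
    """Read one SMTP reply; '250-text' lines continue, '250 text' ends it."""
    lines = []
    while True:
        line = rfile.readline().decode("ascii", "replace").rstrip("\r\n")
        if len(line) < 3 or not line[:3].isdigit():
            raise ConnectionError(f"not an SMTP reply: {line!r}")
        lines.append(line)
        if line[3:4] != "-":
            return int(line[:3]), lines

def smtp_dialogue(rfile, wfile, helo_name="probe.example.test"):
    """Banner -> EHLO -> QUIT. No MAIL/RCPT is sent, so no message is queued."""
    result = {"reachable": False, "banner": None, "extensions": [], "starttls": False}
    code, lines = read_reply(rfile)
    result["banner"] = lines[0]
    result["reachable"] = code == 220
    if code != 220:
        return result
    wfile.write(f"EHLO {helo_name}\r\n".encode("ascii"))
    wfile.flush()
    code, lines = read_reply(rfile)
    if code == 250:
        # First line is the server greeting; the rest are extension keywords.
        exts = [ln[4:].split()[0].upper() for ln in lines[1:] if ln[4:].strip()]
        result["extensions"] = exts
        result["starttls"] = "STARTTLS" in exts
    wfile.write(b"QUIT\r\n")
    wfile.flush()
    return result

def check_published_smtp(host, port=25, timeout=10):
    """Open a TCP connection to the listener and run the dialogue."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            stream = sock.makefile("rwb")
            return smtp_dialogue(stream, stream)
    except OSError as exc:  # refused, filtered, timed out, or not SMTP
        return {"reachable": False, "error": str(exc)}

if __name__ == "__main__":
    # 192.0.2.10 is a documentation address; substitute the TMG external IP.
    print(check_published_smtp("192.0.2.10"))
```

A result with reachable set to False and an error value means the connection was refused, timed out, or was answered by something other than an SMTP server, which points back to the publishing rule, the listener network, or the server IP address entered in the wizard.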

 

Summary:

Publishing SMTP Service is very important for business operations. The above article outlines how to carry out publishing SMTP Services using Forefront TMG 2010. I hope this helps.

 
