cancel
Showing results for 
Search instead for 
Did you mean: 
mnoriega
Level 7

email encryption

Jump to solution

I'm trying to setup the Saas email encryption on my network. FOllowed all instructions but my smart host does not work.  I use a Watchguard as firewall and set a rule to only receive and send email from their addresses with not luck.  Any suggestions?  PLEASE HELP!!

0 Kudos
1 Solution

Accepted Solutions
cascadia
Level 12

Re: email encryption

Jump to solution

That usually indicates the IP address you believe the messages should be coming out on, is not actually the IP they are coming out on. Fastest way to figure out what IP others are seeing is to telnet to a host that reports back your IP address in response to a ehlo. I know comcast's servers do this, for example.

Otherwise, I'd recommend contacting your supporting partner for additional assistance.

0 Kudos
12 Replies
cascadia
Level 12

Re: email encryption

Jump to solution

Hi mnoriega,

What server environment are you operating with?

0 Kudos
mnoriega
Level 7

Re: email encryption

Jump to solution

Hi Brad thanks for answering.  Our email server is Exchange 2010 installed on a Windows 2008 R2 Standard.  I created the Smarhost using our internet connector that is working perfectly changin to "Route mail through sfbhn.org.outbound10.mslogic.net.  On the firewall Y modify the SMT RUles as follows:

Incoming: From      208.65.144.0./21

                               208.81.64.0/21   McAfee IPs

                  TO: 173.221.142.85 -> 192.168.1.103 (NAT from our external IP to Exchange Internal)  We also use filtering thru MCAfee

Outgoing: FROM 173.221.142.85  (Our external, I also tried with the internal)

                    TO:      208.65.144.0/21

                              208.81.64.0/21   McAfee IPs

Not working.  I checked on our McAfee console and the smarthost is included in our inbound servers.

DOn't know what I'm doing wrong.

THANKS!

0 Kudos
mnoriega
Level 7

Re: email encryption

Jump to solution

HI Brad:

Yes is a send connector and I followed those instructions.  Port 25 is open but I only opened on the firewall for the McAfee IPs. I made sre that athentication was set to none.

0 Kudos
cascadia
Level 12

Re: email encryption

Jump to solution

mnoriega,

You refered to an "internet connector", can you verify if this is the Send Connector? Follow these steps:

  • Open the Exchange Management Console
  • Click + next to Organization Configuration
  • Select Hub Transport, and select the Send Connectors Tab
  • Right click on your primary Send Connector, and select Properties
  • Go to the Network Tab
  • Select the option to Route mail thorugh the following smarthosts",
  • Click Add, and enter the smarthost address.
  • Port 25 should be open and allowed
  • No authentication should be configured
0 Kudos
cascadia
Level 12

Re: email encryption

Jump to solution

I'm not sure what is being missed. Is the send connector configured for all domains on the server? Something is preventing the send connector from sending outbound mail to the SaaS Cloud.

0 Kudos
mnoriega
Level 7

Re: email encryption

Jump to solution

I did not created a second connector, only modified the existing one.  As soon as I create the connector the messages stop to go out, it does not matter what I have in the firewall. 

0 Kudos
cascadia
Level 12

Re: email encryption

Jump to solution

So, wait, when you have the connector enabled, mailflow stops?

0 Kudos
mnoriega
Level 7

Re: email encryption

Jump to solution

Yes that is what hapen.

0 Kudos
cascadia
Level 12

Re: email encryption

Jump to solution

That usually indicates the IP address you believe the messages should be coming out on, is not actually the IP they are coming out on. Fastest way to figure out what IP others are seeing is to telnet to a host that reports back your IP address in response to a ehlo. I know comcast's servers do this, for example.

Otherwise, I'd recommend contacting your supporting partner for additional assistance.

0 Kudos