|
|
How to Configure Microsoft Exchange to use
the Arrowmail Smarthosts
Arrowmail has 3 separate smarthost mail-servers and, luckily,
both Exchange 2003 and 2007 know how to make use of multiple smarthosts for
redundancy and load-balancing.
This means that if one of our smarthosts is
very busy, has failed or is undergoing maintenance, your Exchange server
can continue to send out emails, uninterrupted.
In Exchange 2003 it's possible to configure a smarthost on the Default SMTP Virtual
Server but, if you do it this way, you can only set a single
smarthost.
You must, therefore, use an SMTP Connector for your outgoing
emails which does allow multiple smarthosts to be specified.
For Exchange 2007 there's only one way to configure a smarthost
which is on the Send Connector.
For simplicity, the instructions on this page assume that you only have one
Exchange server in your organisation.
If you have multiple Exchange servers, there are a few minor differences
which we'll be happy to advise you about.
|
|
How To Configure a Smarthost on Exchange 2003
Open Exchange System Manager and click on the +
next to Connectors to see if you are already using an SMTP Connector.
SBS2003 comes with a pre-configured SMTP Connector as shown below:-
|
|
 |
|
If you need to create a new connector:-
Right-click on Connectors and select New - SMTP Connector...
If a SMTP Connector already exists, right-click on it and choose
Properties
|
|
 |
|
If you only
have one
Exchange server, it's unlikely
you'll need more than one
SMTP Connector.
Multiple
SMTP Connectors are used to
send certain emails via different routes. |
|
The SMTP Connector - Properties page opens which has 8 tabs.
(There could be a 9th tab called Security if you've previously enabled
this tab by a registry change, but, in any case, there's nothing to configure on this tab.)
We'll start on the General tab where there are 3 things to configure:-
| Name |
Call it what you want, but "All Outgoing Email"
is a good name.
|
| Smarthosts |
Select "Forward all mail through this connector to the following smart hosts"
and enter Arrowmail's 3 smarthosts, separated by semicolons.
The full string to enter is:-
smarthost1.arrowmail.co.uk;smarthost2.arrowmail.co.uk;smarthost3.arrowmail.co.uk
"Copy and Paste" the above line into your
SMTP Connector
if you like.
|
Bridgehead
Server |
This is your Exchange server.
Click Add... and there will only
be one option. |
|
 |
If you're editing an existing SMTP Connector it will already have a
name which can't be changed here.
If you want to rename the connector,
close this page, right-click on the SMTP Connector and choose
Rename |
|
Go to the Address Space tab.
Click Add... and select
the default options which are:-
Type = SMTP
Email Domain = *
Cost = 1
Connector
scope = Entire Organisation
"Allow messages to be relayed to these
domains" is not selected
|
|
 |
|
Go to the Advanced tab.
Click on Outbound Security...
Select Basic authentication (password is sent in clear text) and then
Modify...
Enter your username and password for the Arrowmail Smarthosts.
If you would like all messages, sent from your server to our smarthosts,
to be encrypted then select TLS encryption:-
|
|
 |
|
The Arrowmail smarthosts require authentication
and support TLS encryption.
We will issue you with your own username and password
which will be the same for all 3 of our smarthosts. |
|
There's nothing to change on the other 5 tabs, but we've shown what
they should look like, anyway, so you can check that nothing's been changed.
The Connected Routing Groups tab:-
|
|
 |
|
The Delivery Restrictions tab:-
|
|
 |
|
The Content Restrictions tab:-
|
|
 |
|
The Delivery Options tab:-
|
|
 |
|
...and finally, the Details tab:-
|
|
 |
|
Click OK and close Exchange System Manager.
In order for the new settings to take effect, you need to restart the following services:-
Microsoft Exchange Routing Engine and
Simple Mail Transport Protocol (SMTP).
Rebooting the server will also enable the new settings, if this is easier.
^ Top of Page ^
How To Configure a Smarthost on Exchange 2007
If your Exchange Server 2007 is currently able to send emails
externally, a Send Connector must already have been created and
configured correctly on the Hub Transport server.
Configuring Exchange 2007 to use the Arrowmail Smarthosts, therefore,
just requires you to modify the settings on this
Send Connector.
For Exchange 2007, Microsoft has split up into separate roles, the
various jobs that Exchange has to perform, with the implication that
each role will be handled by a different server.
The Hub Transport role is the one responsible for sending and receiving external emails.
In the real world of small to medium sized companies, a single
Exchange server is likely to be performing all the various roles.
|
|
|
Open Exchange Management Console
Click on the + next to Organization Configuration
Select Hub Transport and
select the Send Connectors tab:-
|
|
|
Right-click on the existing Send Connector, select Properties
and go to the Network tab.
Select "Route mail through the following smart hosts:" and
click Add:-
|
|
 |
|
|
Specify the first smarthost as shown below:-
|
|
 |
|
Add all 3 of Arrowmail's smarthosts:-
|
|
 |
|
Click Change... to set the authentication options.
Type the username and password we've issued to you below:-
|
|
 |
|
There shouldn't be anything that needs changing on the other 3 tabs, but
we've shown below, what they should typically look like.
The General tab:-
|
|
 |
|
The
Fully Qualified Domain Name(FQDN)
should be the DNS name of the public IP address your server operates behind.
Our smarthosts don't care what FQDN you enter, but if you're sending
email directly, without using a smarthost, it's important to get this
entry to match your actual FQDN |
|
When you
need help
trouble-shooting smarthost connection problems, you can change the
"Protocol logging level:"
to Verbose. |
|
The Address Space tab:-
|
|
 |
|
The asterisk in
the Domain column indicates that all emails
will be sent through this
Send Connector |
|
The Source Server tab:-
|
|
 |
|
Notice, in the
Role column,
that this server is performing all the Exchange 2007 roles. |
|
When you've finished, the Send Connector
should look like this:-
|
|
| |
|
The changes you've made to the Send Connector will take effect
straight away without you having to reboot the server or restart any services.
What if you don't use Exchange as your in-house
Mail-server?
Many mail-server programs, other than Exchange, can take advantage of
multiple smarthosts. However, if the one you're using use can only be
configured for one smarthost, you should set it to use:-
smarthost.arrowmail.co.uk
We will make sure that this DNS name is always pointing to a functional mail-server.
If your mail-server isn't able to authenticate to our smarthosts
then, as long as you are using a fixed public IP address, we can allow
anonymous access from that specific IP address. |
|
How to Create a Sender Policy Framework Record to Authorise our
Servers to send out your Company's Email
It's by no means essential, but if you use our smarthosts, it can help
make email delivery more reliable if you create a special
DNS record with whoever is handling the DNS for your domain name,
which is usually your domain registrar.
This DNS record is to comply with the Sender Policy
Framework (SPF) anti-spam initiative and it identifies our servers as
being approved for sending emails from your domain.
It's a TXT record, which not all DNS servers or ISP control panels can handle, but if they can
this is the record you need to add:-
mycompany.co.uk. IN TXT "v=spf1
include:arrowmail.co.uk -all"
This is how it should appear in your DNS Zone File, including the
inverted commas, but with your domain name substituted for
mycompany.co.uk.
If you give us the logon details for your domain registrar's control
panel we'll set it up for you.
If your current DNS servers
can't handle TXT records you could move to DNS servers that can. This doesn't require you
to change your domain registrar.
www.nettica.com will host your
domain's DNS service, along with TXT records, on their servers
forever for a one-off payment of US$40.
You can check that your SPF record has been successfully setup by
sending an email to:-
check-auth@verifier.port25.com
Make sure that the From address you use is covered by the SPF record,
no need to put anything in the Subject Line or the body of the email.
You should receive a reply containing something like the extract below,
which also checks out any other anti-spam initiatives such as DomainKeys,
DKIM, and Sender-ID:-
|
|
 |
The SPF system has not yet been adopted widely enough to be a
reliable method for identifying spam but, when sending emails, it can tip the balance your
favour, especially with heavy-handed anti-spam systems.
^ Top of Page ^
|
|
If you prefer, you can, instead, email your comments to
support@arrowmail.co.uk
^ Top of Page ^
|
|
| |
Arrowmail is owned and operated by
Rhebus
Limited, a UK-registered company, number 4079706.
We welcome any comments about this website, good or bad. Send them to
webmaster@arrowmail.co.uk
|
|
