M
M
Michael Danilov2013-01-15 15:34:31
System administration
Michael Danilov, 2013-01-15 15:34:31

Mail forwarding from one internal Exchange 2007 to an external Exchange 2007

Good time of the day.

There are 2 servers:
- which looks only to the local network (we will call it IntServ);
- which looks with one foot to the Internet (we will call it ExtServ), the other to the local network and sees IntServ;

Exchange Server 2007 is configured on IntServ and is used as internal corporate mail with addresses like @%prefix%.example.local, where %prefix% is a certain regional prefix that changes in different regions and departments. ExtServ also has Exchange Server 2007 and the %prefix%.example.com domain is attached to it, where %prefix% means the same as for IntServ.

Is it possible to configure ExtServ in such a way that they forward mail through themselves from IntServ to any mail on the Internet? Let me explain with examples:
- [email protected] sends an email to [email protected] The letter goes to IntServ and there further along the internal local network to login2.
- [email protected] sends an email to [email protected] The letter goes to IntServ, it “understands” that the letter is outside, sends it to ExtServ, which replaces the address with [email protected] and sends it to some server serving the example.net domain.
- Reverse situation: [email protected] sends an email to [email protected] From the server serving example.net, a letter arrives at ExtServ, it replaces the address with [email protected], sends a letter to IntServ, which already sends login2.

Purely logically, I don’t see a problem here, you just need to write mail processing rules for IntServ and ExtServ, but can this be done on Exchange Server 2007?

PS IntServ cannot simply be given access to the Internet - the security service will tear everyone and everything.

Thank you very much in advance!

Answer the question

In order to leave comments, you need to log in

1 answer(s)
A
akelsey, 2015-08-02
@akelsey

Initially, the wrong design was chosen, apparently, as always, the stupid first department in the dual-use production got into other people's business and it turned out like this.
Apparently the task was to ensure the work of mail inside the VPN, but to prohibit sending mail outside. Why is the model selected when the AD domain suffix is ​​selected as the mail suffix.
Answering your question - using the standard methods of Exchange 2007 - you cannot implement what you have planned.
With the help of studying the API on Technet and mastering C #, it is theoretically possible to write a transport agent - which will make your substitutions on the fly, plus increase the functionality to a GUI muzzle with fine settings - who can - who can’t, and then sell this solution to similar factories, but that’s all fantastic, hardly anyone will invest in it now.
In your version, the most realistic option is to add a normal domain to everyone, set up normal mail, and provide sending audit with the purchase of additional software. Mail routing between branches will go inside the VPN anyway, and the EDGE server in the demo zone will already be tuned to the consistency you need. (Well, I would still migrate at least until 2010 - because there will be a little more opportunities there)

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question