Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 9498 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Integrating Sophos vSEA with Exchange 2013

Ismail Shareef Mohammed

Hello Everyone,

 

I am planning to deploy SEA for our Mail Security and currently have Exchange 2013 (1x MB/CAS Server and 1x Edge Server). Incoming SMTP is NATed to Edge Server (In/Out) and the Send Connector has Edge as the outgoing mail server.

 

It looks simple from the documentation but I am really unable to figure out how actually the things should be in place. I am thinking of below;

- NAT SMTP to SEA (In/Out)

- Disable the current Send Connector and Create a new one and add SEA as Smart Host and chose the MB/CAS server as i don't see the role of Edge server anymore

- Integrated SEA with AD using LDAP

- In SEA Configure MB/CAS server under Mail Delivery Serves & Internal Mail Hosts

 

Is there anything i am missing ?



This thread was automatically locked due to age.
Parents
  • +2

    Ismail,

    some tips:

    1. Make sure to deploy SEA on your DMZ zone so they can be reached by External SMTP directly
    2. Create proper public MX records which point to SEA IP address (public IP)
    3. Install the first SEA and join it to AD
    4. Create proper rules on SEA like:
    5. Mail Delivery Servers: here specify the IP addresses to which SEA will send email from internet to internal domains. If you have an Exchange NLB, specify virtual IP
    6. Mail Domains: specify the mail domains your organization manage (publically)
    7. Internal Mail hosts: specify here the authorized mail server whom can send email to SEA. Here specify physical Exchange SMTP IP and not Virtual NLB address
    8. Use the Sophos KB for best SEA spam catching techniques: https://community.sophos.com/kb/en-us/120802
    9. Create the SEA cluster by joining the second SEA to the first one already configured
    10. Create a new SMTP connector on Exchange that sends email to SEA
    11. Create a SMTP relay connector on Exchange to receive email only from SEA IPs

    Regards

  • 0 in reply to lferrara

    Thanks for your help, it worked well.

    We also had to disable Exchange Sender ID as many of the mails were bouncing if other people were sending us the mails.

    Powershell : Set-SenderIDConfig -ExternalMailEnabled $false

     
Reply Children
No Data
Unfiltered HTML