This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

es1100 email appliance how to test smtp look ahead

i have an ES1100 in my DMZ, and it connects through a microsoft isa 2006 server to my exchange 2010 server

email is flowing properly, but the recipient validation via downstream smtp look-ahead has stopped working.

when i monitor traffic from this device on my isa server, it shows some denied connections, but i'm not sure if this is the smtp look-ahead as when i change it to use recipient validation via directory services, the occasional denied connections are still there but recipient validation works

in the past, when i wish to test mail flow problems, i typically telnet to port 25, and test sending via the command line

is the recipient validation from the email appliance simply a VRFY?

thanks in advance for any help

regards

andrew

:17227


This thread was automatically locked due to age.
Parents
  • Hi Andrew,

    The appliance actually uses RCPT TO rather than VRFY when performing the SMTP look ahead.  You could test this by performing a telnet to the exchange server:

    telnet <exchange> 25

    ehlo test

    mail from: test@sophos.com

    rcpt to: doesnotexist@yourdomain.tld

    If the Exchange server doesn't reject the connection at this point then it will assume that the address is valid.  You would need to look at the Exchange settings, this MS article might help:

    http://technet.microsoft.com/en-us/library/bb123891.aspx

    It shouldn't really matter where you do this telnet test from, but please give Sophos support a call if you would like them to test this from the appliance itself (via remote assistance).

    Hope this helps,

    Tom.

    :17309
Reply
  • Hi Andrew,

    The appliance actually uses RCPT TO rather than VRFY when performing the SMTP look ahead.  You could test this by performing a telnet to the exchange server:

    telnet <exchange> 25

    ehlo test

    mail from: test@sophos.com

    rcpt to: doesnotexist@yourdomain.tld

    If the Exchange server doesn't reject the connection at this point then it will assume that the address is valid.  You would need to look at the Exchange settings, this MS article might help:

    http://technet.microsoft.com/en-us/library/bb123891.aspx

    It shouldn't really matter where you do this telnet test from, but please give Sophos support a call if you would like them to test this from the appliance itself (via remote assistance).

    Hope this helps,

    Tom.

    :17309
Children
No Data