Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7985
Views
10
Helpful
1
Replies

ESA-Exchange-Integration

Go to solution
iDesigndata
Level 1
Level 1

‎10-10-2016 02:58 AM

Hi All,

Requirement :- E Mail Security Appliance Integration with Exchange Server for filtering mails

As per the customer requirement we had provided them with ESA C190 and configured with filtering,AMP,outbreak Filters and still customer mails has not been filtering

Please tell me how to point Exchange server towards ESA C190. So that once appliance receives mail it can filter mails as per the requirement

Mail Flow for Customer follows below

User---------Exchange--------Edge----------ISP

To filter we need to send mails via ESA Appliance as below mentioned

User--------Exchange---------ESA190---------Edge--------ISP

I would also like to know if there is anyone who can understand and help me in this issue

Thanks  in Advance

with best Regards

YaserM

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee

‎10-10-2016 05:42 AM

Hi Yaser,

The configuration on the ESA to accept emails from the exchange and relay them would just require the below steps.

Add exchange IP to the HAT Relaylist (or another sender group with relay action)

GUI -> HAT Overview -> Relaylist -> IP/DNS resolvable hostname of the exchange server.

(Relay action allows the sending server to send emails outbound to the internet.)

Also in order for the ESA to deliver emails to the destination domains directly the ESA would use the configured DNS servers.

User -> Exchange -> ESA -> Use DNS to deliver emails (if no SMTP route is configured)

In order for the exchange to send emails to the ESA there should be a send connection pointing traffic over port 25 from the exchange to the ESA.

Microsoft has official documentation available online for the same such as the below

https://technet.microsoft.com/en-us/library/aa998814.aspx?f=255&MSPPError=-2147217396

Note: AMP is only available for inbound emails and not outbound emails.

To allow emails inbound to be delivered to the exchange would need an entry for the internal domain under Mail Policies -> Recipient Access Table and an entry under Network -> SMTP routes which points traffic for the domain to the internal exchange server.

Hope this information helps.

Thanks

Libin Varghese

View solution in original post

1 Reply 1

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee

‎10-10-2016 05:42 AM

Hi Yaser,

The configuration on the ESA to accept emails from the exchange and relay them would just require the below steps.

Add exchange IP to the HAT Relaylist (or another sender group with relay action)

GUI -> HAT Overview -> Relaylist -> IP/DNS resolvable hostname of the exchange server.

(Relay action allows the sending server to send emails outbound to the internet.)

Also in order for the ESA to deliver emails to the destination domains directly the ESA would use the configured DNS servers.

User -> Exchange -> ESA -> Use DNS to deliver emails (if no SMTP route is configured)

In order for the exchange to send emails to the ESA there should be a send connection pointing traffic over port 25 from the exchange to the ESA.

Microsoft has official documentation available online for the same such as the below

https://technet.microsoft.com/en-us/library/aa998814.aspx?f=255&MSPPError=-2147217396

Note: AMP is only available for inbound emails and not outbound emails.

To allow emails inbound to be delivered to the exchange would need an entry for the internal domain under Mail Policies -> Recipient Access Table and an entry under Network -> SMTP routes which points traffic for the domain to the internal exchange server.

Hope this information helps.

Thanks

Libin Varghese

Customers Also Viewed These Support Documents