Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2171
Views
0
Helpful
5
Replies

Ironport setup

Go to solution
Jonathan Quinones
Level 1
Level 1

‎11-03-2014 09:32 AM

Need a few pointers with ESA setup

Incoming Mail

Internet --> Messagelabs ---> ESA ---> Exchange

Exchange --> ESA --> Messagelabs --> Internet

 

Basically my email is routed through Messagelabs and we want to add a layer of security with ESA.  Eventually if it performs well, we will remove Messagelabs.  

 

I know to route mail to exchange, I have to use SMTP routes with the domains.  
I need to do this for incoming and outgoing mail.

Also, for a few boxes, I need to know how to bypass messagelabs.  I need the functionality of a Postfix box and just send out to the Internet while performing lookups with MX records.

Is there a way to do this for certain domains as well?

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Tom Foucha
Cisco Employee
Cisco Employee

‎11-04-2014 05:25 AM

By default you will configure a "default smtp route" that would send everything back to MessageLabs in your above design. For those domains that you want to go directly simply create an SMTP route and instead of specifying the IP address of the destination use the USEDNS entry for the route. This will tell the ESA to lookup the MX record and not follow the default SMTP route.

 

 

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Tom Foucha
Cisco Employee
Cisco Employee

‎11-04-2014 05:25 AM

By default you will configure a "default smtp route" that would send everything back to MessageLabs in your above design. For those domains that you want to go directly simply create an SMTP route and instead of specifying the IP address of the destination use the USEDNS entry for the route. This will tell the ESA to lookup the MX record and not follow the default SMTP route.

 

 

0 Helpful

Go to solution
Jonathan Quinones
Level 1
Level 1
In response to Tom Foucha

‎11-05-2014 11:06 AM

Tommy,


thanks for the reply.


So under SMTP routes, I would add in for example

receiving domain exchangedomain.com, then destination would be messagelabs server

For the the domains that are not using messagelabs

receiving domain: nomessageble.com then destination would be USEDNS

0 Helpful

Go to solution
Tom Foucha
Cisco Employee
Cisco Employee
In response to Jonathan Quinones

‎11-05-2014 11:54 AM

I would configure the default SMTP route to point to MessageLabs and then specify (override) the default by adding in the other domains

 

exchangdomain(s).com ---> Exchange Server

trustedpartner ----> USEDNS

default ------> Messagelabs

Just make sure you list all your internal domains going to the Exchange server so they get rerouted out to MessageLabs and create a loop.

0 Helpful

Go to solution
Jonathan Quinones
Level 1
Level 1
In response to Tom Foucha

‎11-05-2014 12:17 PM

Thanks.  I will test and write back.

 

 

0 Helpful

Go to solution
Jonathan Quinones
Level 1
Level 1
In response to Jonathan Quinones

‎11-06-2014 12:19 PM

Tommy,

 

I added in the default route to message labs and it sends out and receives fine.

 

I tested something out and I'm not 100 percent sure about the behavior

I added a smtp route for a specific domain and it send out properly but not by Messagelabs


I removed the entry for the specific domain and it sent out properly but not by message labs

 

Both behaviors is what I want, but is this behavior the way Ironport is suppose to act?

0 Helpful
Customers Also Viewed These Support Documents