I have a customer who purchased an ESA appliance strictly for outbound email encryption.
Their topology for ingress:
Public Internet >>>>> Baracuda MTA >>>>>Exchange
The egress topology is the reverse. I'm injecting the ESA for encryption.
Exchange>>>>>> ESA >>>>> Baracuda >>>>>> Internet
I assume I need to setup the Baracuda MTA as my outbound MTA and send mail through it.
Secondly, since they are not using CRES, I have allowed inbound HTTP/HTTPS ot the public address (NAT'd) of the ESA appliance. Will this work even though the emails is actually coming out of the Baracuda MTA?
Hi Ken. I'm not sure, I just know it is their inbound from public (scan for virus/MW/etc) and outbound from Exchange server MTA. The goal is to go to the ESA and then relay to the Baracuda. I'll check and reply to this thread.
I already have the encryption setup and we have content filters setup to outbound mail. Just want to understand the routing of the mail and make sure when a recipient comes back in to authenticate and retrieve the message everything will work. My assumption is it will since it is similar to the encryption appliances role.