RE: I'm trying to filter out email messages using ISA

From: Notorious (Notorious_at_discussions.microsoft.com)
Date: 06/30/04


Date: Tue, 29 Jun 2004 19:42:02 -0700

I had the same problem. The filter feature in ISA is not that reliable. I recommend purchasing an ANTI SPAM program. Look up Brightmail, who just merged with Symantec, and you can also take a look at GFI Mail Essentials.

Good luck.

"Hebba" wrote:

> I performed the following steps. However, keywords that I
> added to the SMTP
> application filter still go through.
>
>
> Enabling SMTP Filter on ISA using Message Screener:
>
>
>
> Our ISA server is called NHL. On this server the following
> is installed:
>
> a.. ISA + Message screener
> b.. IIS + SMTP
>
>
> Our application server is called APPS. On this server the
> following is
> installed:
>
> a.. Message screener only
> b.. IIS + SMTP
> c.. Exchange server
>
>
> Details of Configuration: (you do not have to read the
> text in gray)
>
> 1.. NHL (ISA server):
> 1.. Install IIS
> 2.. Install ISA in full which includes Message Screener
>
> i. If SMTP service fails to start:
>
> 1. IIS MetaEdit 2.2 Utility | LM and SmtpSvc | Right-click SmtpSvc,
> click New, and then click DWORD.
> In the Id list, click DisableSocketPooling.
> The field to the right should now read 1029.
> If DisableSocketPooling is not in the list, click (Other), and then type 1029 in the box.
> In the Data field, type 1. Click to select the Inherit attribute.
> Restart the Simple Mail Transport Protocol (SMTP) service.
>
> 1.. Enable SMTP application filter in ISA | Extensions
> | Application
> filters (added a keyword: "bom")
> 2.. Start | Run: dcomcnfg.exe (because SMTP message
> screener and ISA
> communicate through DCOM)
>
> i. Applications tab | VendorData class properties | Security tab |
>
> 1. Use custom launch permissions | Edit | Add | Everyone | Type of Access: allow launch
>
> 2. Use custom access permissions | Edit | Add | Everyone | Type of Access: allow access
>
> 3. Use custom configuration permissions | Edit | Add | Everyone | Type of Access: Full Control
>
>
>
> 1.. APPS (Application server):
> 1.. TCP/IP properties | Default Gateway = ISA IP
> address
> 2.. Install IIS in full which includes SMTP
> 3.. Install Exchange Server:
>
> i. CDROM\setup\i386\setup.exe /forestprep
>
> ii. CDROM\setup\i386\setup.exe /domainprep
>
> iii. CDROM\setup\i386\setup.exe
>
> 1.. IIS:
>
> i. Configure SMTP to use the internal IP address only
>
> ii. Create remote domain to accept mail from *.internal_domain
>
> iii. Configure remote domain to relay to Exchange server
>
> 1. select forward all mail to smart host: [IP_of_APPS (ExchangeServer)]
>
> 2. select allow incoming mail to be relayed to this domain
>
> 1.. Configure Exchange server to accept mail from message screener SMTP server
>
> i. System Manager | Servers | Protocols | SMTP | Default SMTP Virtual server
> Properties | General tab | Advanced | verify only internal IP address is used.
>
> 1.. Install message screener from ISA CD-ROM
> 2.. Run ISACD-ROM\isa\i386\SMTPCred.exe (to set
> authentication
> credentials to ISA server: I used the domain administrator
> account)
> 3.. Start | Run | dcomcnfg.exe: (because SMTP message
> screener and ISA
> communicate through DCOM)
>
> i. Applications tab | VendorData class properties | Security tab |
>
> 1. Use custom launch permissions | Edit | Add | Everyone | Type of Access: allow launch
>
> 2. Use custom access permissions | Edit | Add | Everyone | Type of Access: allow access
>
> 3. Use custom configuration permissions | Edit | Add | Everyone | Type of Access: Full Control
>
> 1.. Exchange System Manager | Server | Protocols |
> right-click Default
> SMTP Virtual Server properties | Access tab | Relay | I
> gave access to my
> own computer to test
>
>
> 1.. NHL (ISA server):
> 1.. Create a server publishing rule using the wizard
> and select SMTP
> 2.. Create a protocol rule to allow DNS queries for
> name resolution
> 3.. Create a new Protocol filter and enable it to
> allow: TCP port 135 as
> this port is used by outlook clients to access exchange
> server
>
>
> 1.. APPS (Application Server)
> If you attempt to start Exchange services that run in the Inetinfo.exe tool,
> you may receive the following error message:
>
> Error 1083: The executable program that this service is configured to run in
> does not implement the service.
>
> This issue occurs when you start the following services from within Exchange server:
>
> Simple Mail Transport Protocol (SMTP)
>
> Network News Transport Protocol (NNTP)
>
> Post Office Protocol version 3 (POP3)
>
> Internet Message Access Protocol version 4 (IMAP4)
>
> Microsoft Exchange Routing Engine
>
> CAUSE
> This issue can occur because these services have not been configured to run
> in the Inetinfo.exe tool. They have been either configured to run in the
> Dllhost.exe tool, or not configured to run in any tool.
>
> RESOLUTION
> 1. Start Registry Editor (Regedt32.exe).
>
> 2. Locate and click the following registry key:
>
> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\InetInfo\Parameters\DispatchEntries
>
> 3. Click the value for the service that you attempted to start.
>
> 4. On the Edit menu, click Multi String, and then add the following values:
>
> Ldapsvc
> Smtpsvc
> Nntpsvc
> Imap4svc
> Pop3svc
> Resvc
>
> 5. Click OK.
>
> 6. Quit Registry Editor.
>
> 7. Start Administrative Tools, click Services, and then restart the
> Internet Information Service (IIS) Administrator service.
>
> STATUS
> Microsoft has confirmed that this is a problem in Microsoft Exchange 2000 Server.
>
>
>
>
> Hebba Hussain Rostom
> Facility Manager
> New Horizons (Jeddah, S.A.)
> E-mail: hebba@newhorizons.com.sa
>
>
>
>
>


