We've currently installed a new Exchange Server 2013 (NOC 1 internal corp mail behind firewall) however currently use an external  mail Server (NOC2) IMAP POP3/SMTP for clients to authenticate and download and relay (SMTP) their e-mail. I'm looking for advise on how to effectively maintain the current Server performing primary scanning/anti virus & RBl filtering and relay, post scanned e-mail to our internal corporate Exchange 2013 server.  Also, would like, if at all possible, best practices for over-all security hardening of IIS & Exchange.

Thank you in advance,

William

an external  mail Server (NOC2) IMAP POP3/SMTP for clients to authenticate and download and relay (SMTP) their e-mail.

is it some managed Linux server?
If yes, you can configure Linux as front-end server and Exchange as back-end server.
In Firewall you need to open 25 port for communication between Servers and 443 for clients (IIS, Outlook). and additional ports for POP3\IMAP clients.

• Edited by Anahaym Saturday, February 07, 2015 12:02 AM

Hi William,

According to your description, I understand you want to deploy another mail server and take responsible for external IMAP POP3/SMTP user.
If I misunderstand your concern, please do not hesitate to let me know.

Why not deploy Exchange server for IMAP or POP3 user? This protocol is supported by Exchange server. By default, POP3 and IMAP4 are disabled in Microsoft Exchange Server 2013. 
More details about POP3 and IMAP4, for your reference: https://technet.microsoft.com/en-us/library/jj657728(v=exchg.150).aspx
Besides, please refer to below link to get details about Exchange, Firewalls, and Support: http://blogs.technet.com/b/exchange/archive/2013/02/18/exchange-firewalls-and-support-oh-my.aspx

For security question, we can deploy Edge server in DMZ to prevent anti-spam. We can enable several filter, for example connection filter, sender filter, content filter and so on.
More information for Understanding Anti-Spam and Antivirus Mail Flow: https://technet.microsoft.com/en-us/library/aa997242(v=exchg.141).aspx

Best Regards,
Allen Wang

Thank you Allen,

I'm looking for the step-by-step procedure for setting up Exchange Server 2013 to receive from(IMAP) and send through (SMTP) our public facing mail server.  Domain DNS, MX and A records are pointed to this public IP address and want this server to primarily handle Scanning/AV & SPAM then relay/forward to Exchange server. 

I need the domain mydomain.com to reside on the external public facing server and the internal Exchange 2013 server so internal domain e-mail will remain local.

Thank you,

William

Yes we have a Linux server currently handling our mail services.  We need to maintain current mail processing, however want the new Exchange 2013 server to handle internal mail and only relay SMTP outbound traffic to the Linux mail server.

Thanks,

William

Yes we have a Linux server currently handling our mail services.  We need to maintain current mail processing, however want the new Exchange 2013 server to handle internal mail and only relay SMTP outbound traffic to the Linux mail server.

Thanks,

William

i have configuration for Postifix. do you use Postfix?

On Exchange you need to configure only "send connector" for route mail through smart host - Linux server:

Yes I have the Send Connector working, however retrieving POP3 mail off Linux EXIM mail server is the issue.  What is the best way to create a domain (mydomain.com) within the  active directory and Exchange?  We currently have internal domain from active directory OU, however need to tie in the corportate external domain name i.e. mycorp.com and need advise as to set it up.

Thanks again,

William

Domain Active Directory and Mail-domain are not linked directly.

You could name AD domain mydomain.internal and add a lot of domains in Exchange with their names like mydomain.com or mydomain.net. Just add your mail-domain into Exchange:

Please read about AD Names here.

however retrieving POP3 mail off Linux EXIM mail server is the issue

That exactly doesn't work? Could you explain?

Exim can't send email to Exchange? Is Exim configured for relying?

POP3 is only client protocol which used by Outlook and etc. Between Exim and Exchange must used SMTP (if Exim works same like Postfix).

• Edited by Anahaym 8 hours 44 minutes ago