none
TMG with SMTP Relay Role

    Question

  • We currently have a two TMG servers on two different ISP connections for our business, and we would like to have two send connectors to be used by Exchange in the event one of our ISPs is down.

    Is it possible to install the SMTP role on a server also running TMG, and what are the best practices here?

    Thanks in advance!

    Tuesday, April 10, 2012 7:25 PM

Answers

  • Hello,

    An Exchange Edge Server can be used for SMTP relaying.

    I would not recommended that for:

    • Security reasons
    • Performance reasons
    • Troubleshooting complexity
    • ...

    Why don't you just configure ISP redundancy for the ISP connections? See this: http://www.isaserver.org/tutorials/microsoft-forefront-tmg-isp-redundancy-mode.html

    If you use Enterprise edition for TMG, you can configure a standalone array and configure an NLB cluster for your array members (The two TMG servers in this case).


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.   

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
    Microsoft Certified IT Professional: Enterprise Administrator
    Microsoft Certified IT Professional: Server Administrator
    Microsoft Certified Trainer

    Tuesday, April 10, 2012 8:55 PM
  • -just configure exchange to use the both isp servers as smarthost on the send connector

    -configure tmg to use ISP redundancy

    -add a static route to each smtp server to prevent exchange from accessing smtpserver a from provider b

    See this post for the static route:

    http://blogs.technet.com/b/isablog/archive/2009/10/14/the-isp-redundancy-feature-of-forefront-tmg.aspx


    Thursday, April 12, 2012 3:26 PM

All replies

  • Hello,

    An Exchange Edge Server can be used for SMTP relaying.

    I would not recommended that for:

    • Security reasons
    • Performance reasons
    • Troubleshooting complexity
    • ...

    Why don't you just configure ISP redundancy for the ISP connections? See this: http://www.isaserver.org/tutorials/microsoft-forefront-tmg-isp-redundancy-mode.html

    If you use Enterprise edition for TMG, you can configure a standalone array and configure an NLB cluster for your array members (The two TMG servers in this case).


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.   

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
    Microsoft Certified IT Professional: Enterprise Administrator
    Microsoft Certified IT Professional: Server Administrator
    Microsoft Certified Trainer

    Tuesday, April 10, 2012 8:55 PM
  • We actually have two TMG servers, one on each ISP connection, but I'm trying to find a way to create redundancy for outbound e-mail.  I was thinking if I also granted the SMTP role to each of the TMG servers, I could use them as two send connectors.

    Thursday, April 12, 2012 3:15 PM
  • -just configure exchange to use the both isp servers as smarthost on the send connector

    -configure tmg to use ISP redundancy

    -add a static route to each smtp server to prevent exchange from accessing smtpserver a from provider b

    See this post for the static route:

    http://blogs.technet.com/b/isablog/archive/2009/10/14/the-isp-redundancy-feature-of-forefront-tmg.aspx


    Thursday, April 12, 2012 3:26 PM
  • -just configure exchange to use the both isp servers as smarthost on the send connector

    One of the ISPs requires authentication for using their SMTP server, not a trusted IP.  I'm not sure if that will work.  That's why I was thinking about gi ving the SMTP role to the TMG servers.  Thoughts?  Or should I create some Linux SMTP relays outside the firewalls and use them as send connectors?

    Thursday, April 12, 2012 5:23 PM
  • create 2 send connectors and configure one for authentication, you can give the one you prefer a lower cost.



    • Edited by Coen80 Thursday, April 12, 2012 6:41 PM
    Thursday, April 12, 2012 6:39 PM