ArticlesArticles Most Popular ArticlesMost Popular Articles
RSS Feeds
DrillDown Icon Table of Contents
DrillDown Icon 2018 Official Holidays & Support Schedule
DrillDown Icon IMPORTANT: End of Life of SHA1 on Windows Server 2003
DrillDown Icon IMPORTANT: Supported Operating Systems
DrillDown Icon PLEASE READ: Our Update Server IPs Have Changed
DrillDown Icon Support
DrillDown Icon modusGate for Microsoft Azure
DrillDown Icon modusCloud
DrillDown Icon Alleviating Spam – Best Practices
DrillDown Icon directQuarantine Technical Information
DrillDown Icon modusMail & modusGate Technical Information
DrillDown Icon Documentation & Release Information
DrillDown Icon Known Issues (non-release related)
DrillDown Icon Configuration Information
DrillDown Icon modusGate & modusMail
DrillDown Icon modusGate Only
DrillDown Icon How-to: Perform a Backup/Restore on a modusGate Appliance
DrillDown Icon How-to: Integrate modusGate with a PGP Gateway
DrillDown Icon How-to: Reset a ModusGate Appliance to its Original State
DrillDown Icon How-to: Encrypt ModusGate User List Population and Authentication Requests
DrillDown Icon How-to: Install ModusGate v4.4 on Small Business Server 2003
DrillDown Icon Info: Appliance Cannot Access the ModusGate Console or System Health Panel
DrillDown Icon Info: ModusGate Appliance Cannot be Reached after Hooking up to the Network
DrillDown Icon How-To: Configure ModusGate with Specific OpenLDAP Server Attributes
DrillDown Icon How-To: Configure ModusGate with Sun One Open Directory for Sun Email Servers
DrillDown Icon Info: Mailbox Verification vs. Mailbox Authentication
DrillDown Icon How-To: Deactivate the Mimicking of Active Directory’s "Disabled Accounts" in ModusGate
DrillDown Icon Info: Forward Lookup / Pre-auth Options in ModusGate
DrillDown Icon How-To: Change the IIS Port on the ModusGate Appliance
DrillDown Icon How-To: Configure ModusGate with an Exchange/Outlook Junk Email Folder
DrillDown Icon How-To: Deploy ModusGate with Exchange/LDAP Servers
DrillDown Icon How-To: Deploy ModusGate with Groupwise
DrillDown Icon How-To: Deploy ModusGate with Lotus Domino 5 & 6
DrillDown Icon How-To: Deploy ModusGate with Postfix
DrillDown Icon How-To: Deploy ModusGate with Qmail
DrillDown Icon How-To: Deploy ModusGate with Sendmail
DrillDown Icon How-To: Prevent the Accumulation of Invalid User Names with Remote Exchange Server
DrillDown Icon How-To: Test POP3 Authentication with ModusGate
DrillDown Icon Info: Modusadm will not start while installed on Exchange 2013.
DrillDown Icon How-To: Upgrade NEP to modusGate \ modusCloud
DrillDown Icon How-To: Deploy ModusGate with Azure
DrillDown Icon modusMail Only
DrillDown Icon SQL Server Information
DrillDown Icon MySQL Information
DrillDown Icon Security
DrillDown Icon Sieve
DrillDown Icon Spam and False-Positives
DrillDown Icon Statistics and Monitoring Section
DrillDown Icon Web Components
DrillDown Icon Troubleshooting
DrillDown Icon Hardware & OS System Requirements
DrillDown Icon Tools
DrillDown Icon Other Product Technical Information
DrillDown Icon Professional Services
DrillDown Icon Newsletters
  Email This ArticlePrint PreviewPrint Current Article/Category and All Sub-Articles/Categories
 
How-To: Deploy ModusGate with Exchange/LDAP Servers

 

Product: ModusGate

Version & Build: 4.7 and up

 

ModusGate - Exchange Deployment Guide

There are several ways to deploy ModusGate with Exchange.  Please download and review the attached document before contacting Support.  The document contains useful information that will help you configure and troubleshoot your setup.
 
Exchange 2003 Info
 

Exchange does not natively reject invalid addresses during the SMTP connection.  This can cause problems for ModusGate customers who select the SMTP authentication option for Automatically populate user list instead of using the LDAP or Exchange 2000+ options.  Problems arise when Exchange appears to accept invalid addresses which are added to the user list on ModusGate (thus causing licensing problems). 

 

However, Exchange 2003 can be configured to reject invalid addresses, resulting in a 550 5.5.1 User unknown error.  ModusGate, in turn, bounces these messages and your user count will reflect only valid addresses on your system.  Use the following instructions to configure this on the Exchange server:

 

NOTE: These instructions apply to Exchange 2003 only. 

 

Enable directory lookup for recipients in the recipient filter:

  • Go to the Exchange System Manager 
  • Open Global Settings and right-click Message Delivery
  • Select Properties and click on Recipient Filtering
  • Put a checkmark at Filter recipients who are not in the Directory
  • Click OK

Enable the recipient filter on the SMTP protocol binding that accepts mail from the Internet:

  • Navigate to the SMTP Virtual Server that listens on the Internet (repeat these steps if you have more than one)
  • Right-click on the SMTP Virtual Server, choose Properties
  • From General, click on Advanced 
  • Select the IP/port binding that corresponds to the one that listens on the Internet and click on Edit
  • Put a checkmark at Apply Recipient Filter
  • Click OK and exit

When someone does a RCPT TO: invaliduser@localdomain, they will get a 550 5.5.1 User unknown error.

 
Exchange 2007 Info

Microsoft® Exchange Server 2007, by default, accepts up to 5,000 total connections, with only 2% permitted from the same source (i.e. a maximum of 100 connections).  The server receives mail from countless addresses throughout the world.  However, with modusGate™ (or any SMTP gateway) in front of the Exchange Server, mail is received from only one IP address – that of modusGate™.

If modusGate™ is handling a heavy mail load, relaying legitimate mail to Exchange, it could be choked by Exchange’s limitations.  Therefore, Vircom suggests that you increase the percentage from 2 to 20. 

Please consult the following Microsoft KB article for complete details: http://technet.microsoft.com/en-us/library/bb232205(EXCHG.80).aspx



The following Exchange 2007 settings, mentioned in the article, are relevant to modusGate:


Set-ReceiveConnector > MaxInboundConnection

This parameter specifies the maximum number of inbound SMTP connections that this Receive connector allows at the same time. The default value is 5,000.


Set-ReceiveConnector > MaxInboundConnectionPercentagePerSource

This parameter specifies the maximum number of SMTP connections that a Receive connector allows at the same time from a single source messaging server. The value is expressed as the percentage of available remaining connections on a Receive connector. The maximum number of connections that are permitted by the Receive connector is defined by the MaxInboundConnection parameter. The default value of the MaxInboundConnectionPercentagePerSource parameter is 2%. Change this parameter to 20%.


Set-ReceiveConnector > MaxInboundConnectionPerSource

This parameter specifies the maximum number of SMTP connections that a Receive connector allows at the same time from a single source messaging server. The default value is 100.  Change this value to 1,000.
 
 
Exchange 2010 Info 
 
It is not required to configure an Edge Transport server for Exchange 2010, since modusGate and the Edge server perform similar functions. If you wish, however, an Edge server can be used in addition to modusGate for redundancy or dual protection purposes. 

Whatever your chosen setup, the modusGate server must communicate directly with the Exchange / Active Directory server through LDAP port (3268) to validate the email address. Therefore
when configuring the routes in modusGate, enter the IP of the Exchange / Active Directory Global Catalog Server for Auto-populate user list and Authentication.
 
If you wish to use a Hub Transport server and need help with configuration, please contact Microsoft directly for advice. 
 
 
Attachments
Modified 5/6/2011
Keywords: pre-auth, Exchange, LDAP, SBS 2003, AD, Active Directory
Article ID: 1378