We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Barracuda Email Security Gateway

How can I configure a Smart Host in Microsoft Exchange 2003/2007/2010 with my Barracuda Spam Firewall / Email Security Service (ESS)?

  • Type: Knowledgebase
  • Date changed: 2 years ago

Solution #00005838

Scope:
This solution applies to configuring a Smart Host in Microsoft Exchange Server to be used with the Barracuda Spam and Virus Firewall as well as the Barracuda Email Security Service. 

Answer:
In Exchange 2003, it's possible to configure a smart host on the Default SMTP Virtual Server, but if you do it this way you can only set a single smart host. The preferred method, therefore, is to use an SMTP Connector for your outgoing emails which does allow multiple smart hosts to be specified.


Important Note: Barracuda Networks provides no guarantee that these instructions will work, and that the customer uses them at their own risk.  If you have questions about how to apply the guidelines below to your particular Microsoft installation, you will need to explore support options for your Microsoft product. 


How to Configure a Smart Host on Exchange 2007/2010

For Exchange 2007/2010 there is only one way to configure a smart host which is on the Send Connector. If your Exchange Server 2007/2010 is currently able to send emails externally, a Send Connector must already have been created and configured correctly on the Hub Transport server. Configuring Exchange 2007/2010 to use the Barracuda Spam and Virus Firewall as a smart host therefore, just requires you to modify the settings on this Send Connector.


For Exchange 2007/2010 Microsoft has split into separate roles the various jobs that Exchange has to perform, with the implication that each role will be handled by a different server. The Hub Transport role is the one responsible for sending and receiving external emails. In the real world of most companies, a single Exchange server is likely to be performing all the various roles. 

If you have a dedicated Hub Transport server these steps must be configured on that specific server.

1.     Open the Exchange Management Console

2.     Click on the + next to Organization Configuration

3.     Select Hub Transport

4.     Select the Send Connectors tab

5.     Right‐click on the existing Send Connector

6.     Select Properties

7.     Select the Network tab.

8.     Select "Route mail through the following smart hosts:" and click Add

9.     Enter the internal IP address of your Barracuda appliance, or your ESS outbound hostname.. similar to dXXXX.o.ess.barracudanetworks.com (located under Domains tab in ESS)

All other tabs will be unchanged. If it’s not already populated, the Source Server tab should have one entry, the name of your Exchange server. 

Once you click OK the changes will take effect immediately.


How to Configure a Smart host on Exchange 2003

Open Exchange System Manager and click on the + next to Connectors to see if you are already using an SMTP Connector. SBS2003 comes with a pre‐configured SMTP Connector as shown below:

If you need to create a new connector:

1.     Right‐click on Connectors and select New > SMTP Connector.

2.     If a SMTP Connector already exists, right‐click on it and choose Properties

3.     The SMTP Connector > Properties page opens which has 8 tabs.

o    (There could be a 9th tab called Security if you've previously enabled this tab by a registry change, but, in any case, there's nothing to configure on this tab.)

On the General tab where there are 3 things to configure:

1.     Name - Call it what you want for example "Barracuda Outgoing Email".

1.     a.    Select "Forward all mail through this connector to the following smart hosts" and enter the internal IP address of your Barracuda Spam and Virus firewall or your ESS outbound hostname.. similar to dXXXX.o.ess.barracudanetworks.com (located under Domains tab in ESS)

1.     b.    You will need to place square brackets [ ] around the hostname.

2.     Local bridgeheads:  This is your Exchange server.

1.     Click Add... and there will only be one option.

3.     Go to the Address Space tab.

o    Click Add - and select the default options which are:

§  Type = SMTP

§  Email Domain = *

§  Cost = 1

§  Connector scope = Entire Organization

§  "Allow messages to be relayed to these domains" is not selected

o    There's nothing to change on the other 6 tabs.

4.     Click OK and close Exchange System Manager.

In order for the new settings to take effect, you need to restart the following services:

1.     Microsoft Exchange Routing Engine

2.     Simple Mail Transport Protocol (SMTP)

Rebooting the server will also enable the new settings, if this is easier.

Additional Information: 

 

If you are getting 'Invalid Domain' after following the above steps, please reference Solution # 00002087and follow the steps outlined there.

For ESS outbound email make sure you check your DNS Settings to see if the domain has a TXT or SPF record and if it does, you must add our INCLUDE statement as below:

include:spf.ess.barracudanetworks.com

 

  EXAMPLE:

If your current SPF looks like this:

"v=spf1 mx ip4:555.555.555.555/32 ~all"

 

Your new SPF would look something like this:

"v=spf1 mx ip4:555.555.555.555/32 include:spf.ess.barracudanetworks.com ~all"

 

Link to This Page: 
https://campus.barracuda.com/solution/50160000000Ieo0AAC