Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Facing Problem in accessing Mail on Outlook Express

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Server Publishing >> Facing Problem in accessing Mail on Outlook Express Page: [1]
Login
Message << Older Topic   Newer Topic >>
Facing Problem in accessing Mail on Outlook Express - 31.Dec.2007 5:01:37 AM   
kamranzia

 

Posts: 5
Joined: 7.Dec.2007
Status: offline 		Hey There
i am using isa server 2006 with windows 2003 enterprise server, the DC, ISA Server, VPN, Remote Desktop Server, RRAS and Antivirus Server all are on the same machine.
The scenario is as follows:
ISA Server is using as a Firewall and Proxy server,
I want to allow some of my user to remotly access the resources of my network, so i use VPN on ISA to allow secure channel for remote access,
I then configure Remote Desktop to remotly access the Desktop of one of my Director to access data on that machine.
I than configure the Antivirus Server to protect my network from Virus Attacks.
Every thing was working properly in this scenario...
But problem arise when my manager order me to configure email accounts on that ISA Server so different users on my network can use corporate email accounts that given by my ISP.
There is no exchange server in my network, and company policy is that they want to use that ISP email accounts.
Now here is the problem ....
I am getting this error message on client's Outlook Express.
"Your server has unexpectedly terminated the connection. Possible causes for this include server problems, network problems, or a long period of inactivity. Account: 'account name', Server: 'smtp.nexlinx.net.pk', Protocol: SMTP, Port: 25, Secure(SSL): No, Error Number: 0x800CCC0F"
and somtimes.... Error Number: 0x800CCC0E"
i can use email a/c from ISA Server, i can send & recieve mails from my ISA Server machine, on the client side, no email is sending/recieving, I searched from Internet and found somtimes this happens due to Norton AV Email Protection check box, i unchacked it but result was same, i uninstalled the AV & its control center but no difference, I consult it with one of my friend and he said this happend somtimes if names are not properly resolve from OE, so I insert the IP Addresses of SMTP and POP3 in servers in OE on client side, but problem is same, neither mail is going nor coming on client machine.
These accounts are working properly on Wingate, both on client and server side.
One more thing, I can telnet the ISP mail servers from my ISA Server but not from the Clients, i even cannot ping the ISP mail server, i think that i cannot ping them at all.
i want to allow my LAN users to access those email accounts by ISA Server.
ISA Server is working properly with those email accounts, but clients are not able to access those ISP's Email accounts.
I want to let my LAN Users to use those email accounts for mailing purpose.
This is my company policy, i should have to use those email accounts, and I can not skip those Email accounts.
before ISA Server, my company was and still running Wingate, I want to replace Wingate by ISA.
when I say access these email accounts i mean using SMTP and POP3.
But today i am facing some new problem in my ISA server, i am not able to send email from my ISA Server, I am getting this error message
"An unknown error has occurred. Subject 'hello', Account: 'account name', Server: 'smtp.nexlinx.net.pk', Protocol: SMTP, Server Response: '554 sorry, invalid message content  (#5.3.2)', Port: 25, Secure(SSL): No, Server Error: 554, Error Number: 0x800CCC6F"
when i send email from my hotmail account to this isp account, the mail can send properly, i can reply this email but i am not able to generate any New Email from my side.

thanks
Post #: 1
RE: Facing Problem in accessing Mail on Outlook Express - 31.Dec.2007 5:50:00 AM   
justmee

 

Posts: 505
Joined: 14.May2007
Status: offline 		Hi Kamran,
Your ISA firewall looks like a cocktail.
quote:

i am using isa server 2006 with windows 2003 enterprise server, the DC, ISA Server, VPN, Remote Desktop Server, RRAS and Antivirus Server all are on the same machine.

You are definetely using an unsupported scenario:
http://blogs.isaserver.org/shinder/2007/09/09/isa-firewall-freedom-day-declared/
quote:

ISA Server 2004 and ISA Server 2006 Should Not be Installed on a Domain Controller
Problem: Installation of ISA Server 2004 on a domain controller is not supported unless the installation is performed as part of the Small Business Server 2003 Premium Edition Service Pack 1 installation, or the management wizards. Installing Isa Server 2006 on a domain controller or Small Business Server is not supported. Cause: Not supported.
Solution: No workaround.

Regards!

(in reply to kamranzia)
Post #: 2
RE: Facing Problem in accessing Mail on Outlook Express - 31.Dec.2007 11:02:11 PM   
kamranzia

 

Posts: 5
Joined: 7.Dec.2007
Status: offline 		Hi there
Dear i know it just seems to be as cocktail, but it was not my recomendation, my immediate boss ordered me to do this, & u know order is just order, Boss never asked what is best & what is worse, the main thing is wht in there mind... i tried to convince my boss alot but she said no ..... u have to do this, if u dont wanna do then simply say else u have to do....
now tell me what should i do?

(in reply to justmee)
Post #: 3
RE: Facing Problem in accessing Mail on Outlook Express - 1.Jan.2008 5:38:54 AM   
justmee

 

Posts: 505
Joined: 14.May2007
Status: offline 		Hi Kamran,
It does not matter what I, you or your boss say. If Microsoft says it is unsupported then it is so.
http://www.microsoft.com/technet/isa/2004/plan/unsupportedconfigs.mspx#Installation
Your scenario is actually a nightmare one.
Also you *must* not use ISA as a workstation(read mails, browse the Internet...).
And the antivirus installed on ISA *must* be a third-party add-on for ISA like the ones from here:
http://www.isaserver.org/software/ISA/Anti-Virus/
What you should do is to print the Microsoft doc and take it to your boss.
What's the reason of using a firewall if you put your network in danger?
Happy New Year!

(in reply to kamranzia)
Post #: 4
RE: Facing Problem in accessing Mail on Outlook Express - 2.Jan.2008 2:42:38 AM   
kamranzia

 

Posts: 5
Joined: 7.Dec.2007
Status: offline 		Hi  Justmee
i know dear it is not recomended by Microsoft, when i quote this to my boss, she refused me and said that i you cant do it then just say, she said that she can do it within 2 hours.....
this is my new job and i cant take any risk
thats why i accept this challenge and trying to make it.
and dear i know it is really like a nightmare , so the configuration is being more and more complex & it is realy nightmare to handle or administer this type of server and this is not professionally perfact..
Antivirus i am using is Nortan Antivirus 10 and this is one more bullshit, because i tried it & it did nothing except taking space in HDD...
i know this, that it can make my network in danger but i cant do anything except resigning from my job..... and this thing i cant afford right now
thnx 4 ur greetings..... u 2 Happy New Year ..
thanks

(in reply to justmee)
Post #: 5
RE: Facing Problem in accessing Mail on Outlook Express - 2.Jan.2008 4:41:11 AM   
justmee

 

Posts: 505
Joined: 14.May2007
Status: offline 		Hi Kamran,
I can "fix" this way faster than she.
Just format your server.
Looks to me you need another job.
That antivirus is useless on ISA.
Since I don't agree with your scenario I only have to say that in order to allow POP3 and SMTP through ISA you need an access rule from Internal to External allowing the two protocols for all users(if you want authentication you need the FWC on clients). And to make sure that DNS is working properly(depending on your ISA clients type and DNS servers used  by your clients, have the appropiate DNS rules on ISA).
http://support.microsoft.com/kb/891234
http://www.isaserver.org/articles/2004olpop3smtp.html (although is for Outlook 2003)
I will not waste my time trying to "fix" some fantasies of stupid people(aka your boss).
Regards!

(in reply to kamranzia)
Post #: 6
RE: Facing Problem in accessing Mail on Outlook Express - 3.Jan.2008 12:02:31 AM   
kamranzia

 

Posts: 5
Joined: 7.Dec.2007
Status: offline 		Hi Justmee
Thanks for ur kind cooperation, i somehow fix my problem by ur help, 1 thing i want to discuss is that, "Do I need to publish my External ISP mail servers for my Internal Users?"
Before ur help i was facing  "Error Number: 0x800CCC6F", but after ur guidance the error is changed to ...
"The connection to the server has failed. Account: 'ITG SRDC-Lhr', Server: '202.59.80.7', Protocol: POP3, Port: 110, Secure(SSL): No, Socket Error: 10060, Error Number: 0x800CCC0E"
I tryed to check the status of my connection to the ISP, i used Netstat -an and in that i found
C:\Documents and Settings\admin.INT>netstat -an
Active Connections
Proto  Local Address          Foreign Address        State
TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
TCP    0.0.0.0:1036           0.0.0.0:0              LISTENING
TCP    0.0.0.0:1047           0.0.0.0:0              LISTENING
TCP    0.0.0.0:1057           0.0.0.0:0              LISTENING
TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
TCP    192.168.100.12:139     0.0.0.0:0              LISTENING
TCP    192.168.100.12:1051    192.168.100.1:1745     ESTABLISHED
TCP    192.168.100.12:1069    192.168.100.1:389      ESTABLISHED
TCP    192.168.100.12:1072    192.168.100.1:1025     ESTABLISHED
TCP    192.168.100.12:1092    192.168.100.1:3389     ESTABLISHED
TCP    192.168.100.12:1096    192.168.100.1:1745     ESTABLISHED
TCP    192.168.100.12:1206    202.59.80.38:25        SYN_SENT

C:\Documents and Settings\admin.INT>netstat -an
Active Connections
Proto  Local Address          Foreign Address        State
TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
TCP    0.0.0.0:1036           0.0.0.0:0              LISTENING
TCP    0.0.0.0:1047           0.0.0.0:0              LISTENING
TCP    0.0.0.0:1057           0.0.0.0:0              LISTENING
TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
TCP    192.168.100.12:139     0.0.0.0:0              LISTENING
TCP    192.168.100.12:1051    192.168.100.1:1745     ESTABLISHED
TCP    192.168.100.12:1069    192.168.100.1:389      ESTABLISHED
TCP    192.168.100.12:1072    192.168.100.1:1025     ESTABLISHED
TCP    192.168.100.12:1092    192.168.100.1:3389     ESTABLISHED
TCP    192.168.100.12:1096    192.168.100.1:1745     ESTABLISHED
TCP    192.168.100.12:1207    202.59.80.7:110        SYN_SENT

the syn bit or request is being send to port 25 and 110 respectively from my client to ISP SMTP & POP3 Servers, but i think problem is in returning those requests ...
again i need u my friend, hope u will not disappoint me...
thanks
regards
kamran zia

(in reply to justmee)
Post #: 7
RE: Facing Problem in accessing Mail on Outlook Express - 3.Jan.2008 7:38:48 AM   
justmee

 

Posts: 505
Joined: 14.May2007
Status: offline 		Hi,
As long as the servers are not behind ISA you do not need to publish them.
Publishing rules are for incoming connections(say when your servers are located behind ISA-maybe a DMZ or so- and are accessed from the External Network) while access rules are for outgoing access.
So you need an access rule allowing POP3(to retrieve your received mail messages) and SMTP(to send mail messages through the ISP SMTP server), check the picture from that article written by Tom(use all users and not all authenticated users).
Try this from your computer behind ISA:
- open cmd
- telnet 202.59.80.7 110 or instead of that IP address you can use the FQDN
- Next you should get an OK message and you will be connected to the email server.
- enter USER youraccount@yourdomain, say(johndoe@doe.com)
- Another OK message shoud appear
- Next enter PASS yourpassword
- If things are fine another OK message should follow
You can repeat for SMTP.
If the tests are OK it means that the ports are not blocked by ISA.
Take off that antivirus from ISA(might "steal the ports").
Check the logs on ISA to make sure your rules are allowing traffic.
Regards!

< Message edited by justmee -- 3.Jan.2008 7:53:29 AM >

(in reply to kamranzia)
Post #: 8
RE: Facing Problem in accessing Mail on Outlook Express - 7.Jan.2008 5:28:35 AM   
kamranzia

 

Posts: 5
Joined: 7.Dec.2007
Status: offline 		Thanks Justmee
it was all because of Norton Antivirus, I installed NAV in the begining, and then uninstalled it, but may be some files remain in system folder or due to some other problem of NAV, i was not able to send and recive emails from my clients. Now as u said i format my HDD, repartition it, and fresh installation of MS Windows 2003 Server, except NAV every thing was as before and its working,
Thanks a lot again my friend.
i want to ask 1 more thing from u, as u said and i checked ur link that microsoft is not recommend that ISA 2006 and DC on same machine, what will happen, if we do it,
1-  This is not good practice, and we have to follow the recommendations of vendor.
2- ISA or DC will be corrupt sooner.
3- I can not get desired results.
or any thing else

take a good care of urself
thanks again dear
babye

(in reply to justmee)
Post #: 9
RE: Facing Problem in accessing Mail on Outlook Express - 7.Jan.2008 8:23:23 AM   
justmee

 

Posts: 505
Joined: 14.May2007
Status: offline 		Kamran,
The first and most important reason for not installing ISA 2006 on a DC is security. Simply it cannot be secured enough.
Microsoft used to offer ISA 2004 on SBS but with ISA 2006 they gave up:
http://www.microsoft.com/windowsserver2003/sbs/evaluation/faq/netsec.mspx
quote:

Q. Can I install ISA 2006 on SBS 2003 R2?   
A. No. There have been significant changes to the ISA product architecture, and the configuration and management tools unique to SBS 2003 R2 do not support the new version. If you require the new enterprise-level features found in ISA 2006 such as Web proxy chaining, you should consider installing a separate server running Windows Server 2003 and ISA 2006.

About other reasons, who cares anymore about them as the first one defeats the purpose of a firewall?
Regards!

(in reply to kamranzia)
Post #: 10

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Server Publishing >> Facing Problem in accessing Mail on Outlook Express Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts