smart host to foreard or DNS to route (ORF+SMTP betwwen Exchange and TrendMicro DDEI) - ORF Forums

@Monkeenmao: Hello Monkeenmao,

When you have a gateway/front-end server relaying emails to ORF, there are only three things you have to make sure of:

1. The gateway must not remove "Received:" headers from the message header, or modify the content of the email header and body. The former will prevent ORF from determining the source IP of the email, the latter can break DKIM signatures. Both will result in false-positives.

2. You must disable SMTP authentication on the gateway-facing Exchange Receive Connector on the ORF Server, to mimic internet-facing Receive Connectors. Emails sent through authenticated SMTP connections are whitelisted by ORF automatically.

3. If the gateway is deployed outside of your network boundary and forwarding emails in a non-transparent manner (i.e. it adds its own IP to the message trace fields in the message header) via a network interface with a public IP, then you have to add that public IP to the Intermediate Host List of ORF (Administration Tool: Filtering > Intermediate Hosts).

Since ORF is not an SMTP proxy (it does not actually receive and send emails, the underlying mail server is responsible for that), there are no network interface or connector settings to worry about.

With regards to the DNS settings, we always recommend to use the "built-in DNS resolver" of ORF (Administration Tool > System > DNS > DNS Settings), unless you have to share cached data between multiple servers.

For best practices, I suggest you consult the Deployment (https://vamsoft.com/support/docs/how-tos/deployment-6.3) and Best Practices (https://vamsoft.com/support/docs/how-tos/best-practices-6.3) guides.

If you have further questions, just let me know.