How to Restrict Access by IP Address on the Receiving Bridgehead Server

By restricting access to the SMTP virtual server by IP address, you can help make sure that only servers from a specific IP address can send mail to an Exchange bridgehead server.

Before You Begin

Before you perform the procedure in this topic, read Deployment Scenarios for Internet Connectivity.

The following permissions are required to perform this procedure:

• Member of the local administrators group and a member of a group that has had the Exchange Administrators role applied at the administrative group level

Procedure

To restrict access by IP address on the receiving bridgehead server

1. Start Exchange System Manager: Click Start, point to All Programs, point to Microsoft Exchange, and then click System Manager.

2. In the console tree, expand Servers, expand < Bridgehead Server Name >, expand Protocols, and then expand SMTP.

3. Right-click the SMTP virtual server you want, and then click Properties.

4. On the Access tab, click Connection.

5. In Connection, click Only the list below to restrict access to a specified list of IP addresses.

6. Click Add, and then perform one of the following steps:

   • Click Single Computer, and in the IP address box, type the IP address of the connecting Exchange server in the Adatum forest (the connecting forest). Repeat this step for each computer in the Adatum forest.

7. Click Group of computers, and in the Subnet address and Subnet mask boxes, type the subnet address and subnet masks for the group of computers that host connectors to the Fabrikam forest.