ATRN is a new SMTP mechanism (RFC 2645) that allows you to temporarily hold mail for a remote mail server. Also known as ODMR (On-Demand Mail Relay), it makes it possible for servers with unreliable Internet connections to run their own mail server without a static IP address. Essentially, you can have your Exchange 2003 server on the Internet without paying for a T1 or static IP address assignments.
Unlike with the ETRN mechanism, the destination mail server is not published in the DNS, so there is no need to create A or MX records for it. Furthermore, ATRN is more secure than ETRN because it is an authenticated mechanism (Authenticated TURN, as the name implies) that requires the remote SMTP server to authenticate before the mail is sent. With ETRN a rogue SMTP server could hijack the static IP address and steal your email, a problem that the authentication layer solves. ATRN is also more convenient for planned downtime and maintenance intervals, when you do not want mail arriving at your server just because of the higher MX priority required by ETRN.
The only bad news is that the Microsoft Exchange 2003 server is not fully RFC compliant, but as long as your setup is not too exotic it will work just fine. The only known issue applies when you try to authenticate with one server to download mail and another server to send (relay) mail.
This document will help you configure the destination mail server, also known as the ATRN client. You must have your own domain name and you must have a reliable SMTP server on the Internet configured to hold your mail and release it through the ATRN mechanism. So far this protocol is only supported by Microsoft Exchange 2003 (and Microsoft IIS 4 and above). This document assumes that you are downloading email stored on the Microsoft Exchange 2003 ATRN server.
Creating an SMTP Connector
First, start your Exchange System Manager, usually by clicking Start > All Programs > Microsoft Exchange > System Manager. Open your Connectors folder, right-click and select New > SMTP Connector.
General Setup
First give your SMTP Connector a friendly name. We are setting up an ATRN client so I called it sbsguide.com ATRN Client.
Because we do not have a permanent IP address on the Internet, we will use our ISP’s ATRN server to relay our outgoing mail. This will keep the mail from appearing to come from a dynamic IP address and will keep us out of the spam filters. Select “Forward all mail through this connector to the following smarthosts” and enter the hostname of the ISP’s ATRN server.
Next, add your mail server as the local bridgehead for the SMTP connector. Click on Add and select your mail server.
Sending Email
Because your outgoing mail will be sent through the ISP’s ATRN server, you need to create an SMTP connector schedule to tell your Exchange server when to send email. Select the Delivery Options tab and select “Specify when messages are sent through this connector.” By default, the connector runs all the time, but you can customize this schedule to run at 15-minute or one-hour intervals during your office hours to keep long distance bills down (especially important for servers hosted in foreign countries where Internet is not cheap yet).
Selecting your domain name
Now that you have configured how the outbound mail will be sent, you need to list the domain names that you will be using for this connection. Select the Address Space tab and click on Add to add the domain you wish to use with this Exchange server. Make sure that the type of the address space is SMTP. To allow your local users to send mail through this connector you also need to check the “Allow messages to be relayed to these domains” box.
Authenticating your server
In order for you to download and send mail through the ISP’s ATRN server, you need to set up SMTP authentication. Select the Advanced tab and click on Outbound Security.
Select Basic Authentication and click on Modify. You will be prompted to enter your username and password for this connection. This information should have been provided to you by your ISP. The username frequently takes the full domain and user id form, such as DOMAIN\sbsguide. Click on OK a few times to get back to the Advanced tab.
Sending a TURN request
Finally, you need to tell your server to send a TURN request to your ISP’s ATRN server. Select “Request ETRN/TURN from different server” and type in your ISP’s ATRN server hostname. Click on Customize to create a custom schedule that fits your operating hours and finally select “Issue TURN (Requires Basic or Windows security).”
Final Steps
To apply the settings described above, you have to restart the Microsoft Exchange Routing Engine and the Simple Mail Transfer Protocol (SMTP) services.
Additionally, you have to point the MX record of your domain to your ISP’s ATRN server. When the mail is sent to your domain, it will be delivered to your ISP’s ATRN server where it will wait for your server to trigger delivery. In order for this process to work flawlessly your username/password/domain/hostname must match the information configured on your ISP's ATRN server. Presently, commercial support for ATRN is only provided by ExchangeDefender.
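The check that separates ATRN from ETRN, and the reason your username and domain must match what the ISP has configured, can be modeled in a few lines. This is an added Python example, not code from the original article or from Exchange; it follows the reply codes of RFC 2645, and the account name, domains and queue contents are constructed for illustration.

```python
# Added example: provider-side ATRN decision logic (RFC 2645 reply codes).
# Account names, domains and queue contents are constructed for illustration.

# Which domains each authenticated account may collect mail for (constructed).
AUTHORIZED = {"sbsguide": {"sbsguide.com"}}
# Messages the provider is currently holding, per domain (constructed).
QUEUE = {"sbsguide.com": ["msg-001", "msg-002"], "example.org": ["msg-003"]}


def handle_atrn(auth_user, line, authorized=AUTHORIZED, queue=QUEUE):
    """Return (code, text, released_messages) for one ATRN command line.

    auth_user is the identity established by an earlier successful AUTH,
    or None if the session has not authenticated.
    """
    parts = line.strip().split(None, 1)
    if not parts or parts[0].upper() != "ATRN":
        return 500, "Syntax error", []
    if auth_user is None:
        # The step ETRN lacks: no proven identity, no mail.
        return 530, "Authentication required", []

    allowed = authorized.get(auth_user, set())
    if len(parts) == 2:
        requested = [d.strip().lower() for d in parts[1].split(",")]
        if not all(requested):
            return 501, "Syntax error in parameters", []
    else:
        # No domain list: fall back to the domains tied to the account.
        requested = sorted(allowed)

    # All-or-nothing: one unauthorized domain refuses the whole request.
    if not requested or any(d not in allowed for d in requested):
        return 450, "ATRN request refused", []

    released = [m for d in requested for m in queue.get(d, [])]
    if not released:
        return 453, "You have no mail", []
    # After this reply the roles swap and the provider sends the held
    # mail down the connection that the customer opened.
    return 250, "OK now reversing the connection", released
```

A 450 reply on an otherwise working connection points to a mismatch between the authenticated account and the requested domain, while 530 means the request arrived before authentication succeeded.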