In order to properly deploy ExchangeDefender, you need to make several changes on your network. First, you have to change your MX record to point all of your inbound mail to ExchangeDefender. This way ExchangeDefender will stand in front of your mail server and bounce all the dangerous content that is sent to your network. Then, you should change your outbound smarthost to allow us to scan all of your outbound mail*. Finally, enforce IP restrictions so that you can only exchange mail through a trusted connection with ExchangeDefender.
Please modify your MX record and change it to: inbound30.exchangedefender.com
You should not have any other MX records for your domain name (subdomain MX records are OK).
Please modify your SMTP server to route all outbound mail through the following smarthost: outbound.exchangedefender.com
Please follow these instructions to modify the smarthost on Exchange 2003 and 2007:
Enforcing IP restrictions is absolutely critical to complete protection of your mail server. Because hackers and spammers can easily bypass cloud services and target your server directly, mail servers protected by ExchangeDefender should accept anonymous SMTP connections only from the ExchangeDefender networks listed below:
You should allow inbound SMTP traffic from the above IP ranges only and deny all other traffic. You should only allow outbound SMTP traffic from your mail server to the ExchangeDefender outbound servers.
Please follow these instructions to enforce IP restrictions on Exchange 2003 and 2007:
To program the IP address restrictions on the receive connector in Exchange 2007: