Techieshelp.com

Guide To Creating an E-Mail Protection Policy In Forefront TMG 2010

Create an email protection policy in TMG 2010

Problem

You need to create an E-mail protection policy in Threat Managment Gateway 2010 to manage AV , anti spyware ETC

Solution

Follow the step by step guide below on how to create an E-mail protection policy in Threat Managment Gateway 2010

1. On the TMG computer (or using the remote management console), open the Forefront TMG Management Console.

2. Click Forefront TMG (Array Name) in the left pane.

3. Click E-Mail Policy and in the task pane click Configure E-Mail Policy

4. When you access this option, the E-mail Protection Wizard launches. Click Next to continue

5. The next step allows you to define two options: the internal mail server that TMG will send e-mail to and the domain from which TMG will accept messages. The internal mail server for this scenario will be the Exchange 2007 Hub Transport Server (Example: 10.10.10.10/24) and TMG will accept messages only when the destination is domain(Example: wolverine.com.au). If you have multiple domains and multiple HT within your organization you also can add multiple entries in this option. the page of the wizard that allows you to perform this configuration.

6. To add Exchange 2007 Hub Transport Server’s IP Address, click Add. Add the Exchange 2007 Hub Transport Server(s) computer name and IP address

7. Click OK. The Internal Mail Server Configuration page now has the Exchange server(s) name and IP address

8. Click Add to add domain (Example: wolverine.com.au)

9. Click OK. The Internal Mail Server Configuration page now shows the accepted domains, Click Next to continue.

10. On the next page of the wizard, you define which network interface TMG uses to Communicate with the Exchange Server that you specified in step 6 (Example: 10.10.10.10). For this example select Internal Interface where TMG has connectivity to the Exchange Hub Transport Server,

11. Click Next. The External Mail Routing Configuration page appears

12. Enter the fully qualified domain name (FQDN) that will appear in the response to a HELO or EHLO SMTP command. This name should be the one that resolves to the reverse DNS lookup of the external TMG’s IP address. Select the TMG interface that will be used to communicate to the Internet. For this example the FQDN is mail.wolverine.com.au and the interface will be External

13. Click Next and the Mail Protection Configuration page appears. Select both options (Enable Spam Filtering and Enable Virus And Content Filtering).

14. Click Next. A summary page with all selections appears

15. Click End. The dialog box appears, asking whether you want to enable the system policy for SMTP Protection. Click Yes.

16. The E-Mail Policy tab changes according to the settings that you selected in the Wizard,

17. Click Apply to save the changes and then click OK.

18 Apply changes. Close TMG console.