Unable to send Kaspersky Security 9.x for Microsoft Exchange Servers notifications from a DMZ-located server with the Edge Transport role
This article refers to:
- Kaspersky Security 9.6 for Microsoft Exchange Servers Maintenance Release 6 (version 9.6.96.0);
- Kaspersky Security 9.5 for Microsoft Exchange Servers Maintenance Release 5 Hotfix 1 (version 9.5.10000.64).
Issue
When Kaspersky Security 9.x for Microsoft Exchange Servers is installed on a DMZ-located server with the Edge transport server role, its may fail to be delivered.
Cause
Sending messages from Kaspersky Security 9.x for Microsoft Exchange Servers (for example, notifications or reports) requires that the Сlient-access exchange service be accessible. According to Microsoft specifications, only five ports can be open in the DMZ: two SMTP ports, two ADAM ports, and one RDP port.
Thus, Kaspersky Security 9.x for Microsoft Exchange Servers cannot send any messages because the necessary HTTPS port is closed.
Solution
Establish the connection from the DMZ to the EWS server, which is specified in the notification settings of Kaspersky Security 9.x for Microsoft Exchange Servers, under the HTTPS protocol and the specially configured port (443 TCP by default).