A. To enable clients to access news servers (Network News Transfer Protocol--NNTP), POP3, and SMTP, you need to create custom filters with the following details:

  • NNTP--Custom, Both, Local Fixed Port 119, Remote Fixed Port 119
  • POP3--Custom, Both, Local Fixed Port 110, Remote Fixed Port 110
  • SMTP--Custom, Both, Local Fixed Port 25, Remote Fixed Port 25

For example, to create an NNTP filter, perform the following steps:

  1. Start the ISA Server administration tool (Start, Programs, Microsoft ISA Server, ISA Administration Tool).
  2. Expand Array, Server, Access Policy, IP Packet Filters.
  3. Click Create Packet Filter.
  4. Enter a packet filter name (e.g., NNTP Filter), and click Next.
  5. Select the server, and click Next.
  6. Select "Allow packet transmission," and click Next.
  7. Select a type of Custom, and click Next.
  8. Select
    • IP protocol--TCP
    • Direction--Both
    • Local fixed port--119
    • Remote fixed port--119
  9. Click Next.
  10. Select the IP address to apply the filter to, and click Next.
  11. Select "All remote computers" for "IP packet filter to apply to," and click Next.
  12. Click Finish.

The above method is manually creating an IP packet filter to cater for the protocols however ISA can also dynamically create these if you instead create a Protocol Rule:

  1. Start the Internet Security and Acceleration Server administration tool (Start - Programs - Microsoft ISA Server - ISA Administration Tool)
  2. Expand the Array - Server - Access Policy - Protocol Rules
  3. Create a new protocol rule or open an existing one
  4. Select the Protocol tab
  5. Select the SMTP (client), NNTP and POP3 protocols
  6. Click OK

This would be the preferred method and is easier. If you’re running one of those services directly on your ISA server, then IP Packet Filters may have to be defined.