• Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

SMTP -> Relay settings.

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2000] >> Server Security >> SMTP -> Relay settings. Page: [1]
Message << Older Topic   Newer Topic >>
SMTP -> Relay settings. - 4.Jun.2004 5:42:00 PM   


Posts: 29
Joined: 11.Mar.2004
From: Conshohocken, PA.
Status: offline
I want to make sure I understand this correctly - let me know if I am wrong with the below statments:

Under the SMTP virtual server properties, Access Control, Authentication button - I should keep "anonymous access" checked because you never know what system is sending you e-mail. So it needs to allow anonymous - otherwise, you won't receive your email!

What about the "Relay Restrictions" button? I kept the default Exchange 2000 settings, which is to: "Allow all computers which successfully authenticate to relay, regardless of the list above" - is that a security hole by default?

My setup is simple. 1 exchange server with mainly the defaults exchange 2000 comes with. Is there an inherent security leak there, or no?

Ideally, the only people I'd want "relaying" are the ones with a valid account & password. Are these default settings doing that for me?

-many thanks.
Post #: 1
RE: SMTP -> Relay settings. - 4.Jun.2004 6:43:00 PM   


Posts: 264
Joined: 19.Aug.2002
From: Baltimore, MD
Status: offline
This will answer your question.


(in reply to zabagar)
Post #: 2
RE: SMTP -> Relay settings. - 23.Jun.2004 5:01:00 PM   
I'd just like to say that even after reading that article I am still perplexed about what my server is doing. Apparently although all those settings were set as suggested someone was still able to put over 10K of undeliverable "viagra and cialis" messages into my outgoing queue. I do not currently know how many "deliverable" ones did get though. I am becomming very nevous about appearing on open relay or black lists. Without haveing my client change the outgoing mail server how does one prevent this? Open relay tests that I have run have come up with RCPT TO: <"rlytest%rep.rbl.jp"> as an accepted relay. Now I do not know if that is the garbarge getting stuck in my undeliverable queue but when you have over 50Gigs of bad mail in less then a week it tends to cause problems.

(in reply to zabagar)
  Post #: 3
RE: SMTP -> Relay settings. - 24.Jun.2004 7:42:00 AM   


Posts: 203
Joined: 15.Jul.2001
From: Qatar
Status: offline
Hi ,

I am also concerned about certain viruses or worms sending messages in this way using actual accounts after obtaining a list of user names and go on guissing their passwords .

This happens frequently on our network when you get a message in your mail box from the system administrator account of a certain domain saying that your message was infected , so on .

You know that you did not send any message to this domain .

What could possibly be wrong in this case ?


(in reply to zabagar)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2000] >> Server Security >> SMTP -> Relay settings. Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts

Follow TechGenix on Twitter