• Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Security Setup Issues

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2000] >> Server Security >> Security Setup Issues Page: [1]
Message << Older Topic   Newer Topic >>
Security Setup Issues - 21.Feb.2007 4:23:26 PM   


Posts: 5
Joined: 1.May2004
From: MI, USA
Status: offline
I am running Exchange 2000 for a small business that hosts its own e-mail as well as the e-mail of some of its smaller clients.  We have run into an issue where a client that was recently added cannot connect to the server using Outlook 2000, 2003 or Express.  The error message has to do with the server not responding.

As part of my troubleshooting efforts, I have tried unsuccessfully to telnet into the server from outside our network using the command: "telnet mail.mydomain.com 25".  From this, I began monitoring TCP port activity using the Windows netstat command.

What I have found is what appears to be someone (or someoneS) using our servers to relay messages.  I began doing a whois search on all of the IP addresses that connected to port 25 and repeatedly found these to be from Asia, Africa or Latin America.  In addition, when viewing the Queues for the Default SMTP Server in Enterprise Manager, the list grows dramatically when one of these IP's connects.  All messages indicates that they are being sent by postmaster@mydomain.com  I'm thinking this is a bad sign (correct my if I'm wrong).

The problem is that I don't know what settings I should have in place to properly block these outside "users" from being able to relay message but still allow our outside clients to do so.  The setup currently allows anonymous access and the relay restrictions are set to "Only the list below" and the "allow all computer which successfully authenticate..." checkbox is checked.  If I change the restriction to "All except those below", our client can connect and send e-mail from Outlook.  But, doesn't this open our server up for attacks like it appears is occuring?

How can I prevent these outside users from relaying through our server yet continue to provide POP3/SMTP access to our clients?

Thanks in advance.
Post #: 1
RE: Security Setup Issues - 7.May2010 3:15:10 AM   


Posts: 3
Joined: 5.May2010
Status: offline
Meet the newest member of the Orion family: a powerful, scalable IP address management module that enables you and your team to create, schedule, and share IP space reports! Get affordable IP address management that is unified with performance monitoring data for a comprehensive view of network health!
SolarWinds Orion IP Address
Manager (IPAM) provides detailed visibility into IP address space usage, making it easy to minimize IP conflicts & ensure your network is always humming.
Download a free trial & discover how Orion IP Address Manager (IPAM)

< Message edited by Sukhdeep -- 7.May2010 3:16:17 AM >

(in reply to SonOfPirate)
Post #: 2
RE: Security Setup Issues - 19.Oct.2011 6:02:23 PM   


Posts: 139
Joined: 13.Sep.2011
Status: offline
For those that may be looking for a good security setup, here is what I'm ... cause issues, I'll go into Shadow Mode and be even more confident.

(in reply to Sukhdeep)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2000] >> Server Security >> Security Setup Issues Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts

Follow TechGenix on Twitter