How to force SMTP authentication for local users only?



mrfixit3000 -> How to force SMTP authentication for local users only? (20.Jan.2011 1:32:34 PM)

So I've configured my Edge Transport server and also have Forefront Protection set up and working. I obviously need to allow anonymous users to the receive connector on the edge server so that the server will accept inbound email from outside sources.

However, I've found that I am able to send email FROM a local account, TO a local account, and have the server not ask for any authentication! I want to lock this down, but I can't find a setting anywhere in Exchange or Forefront to tell the receive connector to authenticate any session where the email is FROM a local user. Please advise!

Also, my Edge Transport server is, in fact, part of my main Active Directory, so integrated authentication should be possible.




turbodonkey -> RE: How to force SMTP authentication for local users only? (15.Feb.2011 5:27:40 AM)

I had the same issue on a new install; we were being spammed from our own domain!!

I had to remove a permission from the receive connector:

remove-ADPermission -Identity <receive connector> -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

To restore:

add-ADPermission -Identity <receive connector> -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights ms-Exch-SMTP-Accept-Authoritative-Domain-Sender
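
An audit to run before applying the change in the reply above, added here as an example and not part of either post: it lists every receive connector on which anonymous sessions still hold the right in question, then previews the removal with -WhatIf. It assumes the Exchange Management Shell on the server that hosts the connectors; `<receive connector>` is the same placeholder used in the reply.

```powershell
# Added example (not from the thread). Run in the Exchange Management Shell.
$right = 'ms-Exch-SMTP-Accept-Authoritative-Domain-Sender'
$anon  = 'NT AUTHORITY\ANONYMOUS LOGON'

# 1. Report connectors where anonymous sessions may use a sender address
#    from one of the organization's own (authoritative) domains.
$findings = foreach ($connector in Get-ReceiveConnector) {
    $connector |
        Get-ADPermission -User $anon |
        Where-Object { -not $_.Deny -and ($_.ExtendedRights -like $right) } |
        Select-Object @{ n = 'Connector'; e = { $connector.Identity } },
                      @{ n = 'Bindings';  e = { $connector.Bindings -join ', ' } },
                      @{ n = 'PermissionGroups'; e = { $connector.PermissionGroups } },
                      IsInherited
}

if ($findings) {
    $findings | Format-Table -AutoSize
} else {
    Write-Host "No receive connector grants $right to $anon."
}

# 2. Preview the removal on one connector. -WhatIf prints what would be
#    removed without changing anything; drop it to apply the change.
Get-ReceiveConnector '<receive connector>' |
    Get-ADPermission -User $anon |
    Where-Object { $_.ExtendedRights -like $right } |
    Remove-ADPermission -WhatIf
```

After the right is removed, internet mail from external senders is still accepted anonymously; only unauthenticated sessions that claim a sender in one of your own domains are refused, so check that internal devices relaying through the same connector authenticate or use a separate connector.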



