• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Relay restrictions

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2000] >> Server Security >> Relay restrictions Page: [1]
Login
Message << Older Topic   Newer Topic >>
Relay restrictions - 26.Nov.2003 9:42:00 PM   
mick34

 

Posts: 48
Joined: 13.Jun.2003
From: Montreal, Quebec, Canada
Status: offline
How would I best configure my environment to block relay?
My network is as follows. I have an ISA server on W2K which publishes to an SMTP relay on W2K, and than in turn forwards inbound SMTP traffic to an Exchange 2000.
We have the SMTP onfigured to not relay mail externally, that works fine, but we have brought up the point of someone internally using a client like Outlook Express to replicate a valid internal e-mail address and send mail through our Excahnge server via SMTP to other internal clients Outlook 2000 client.
If we set the SMTP virtual server settings on the Exchange server to use windows authentication and not Anonymous, would this solve the problem, or would it cause an issue with the communication between our relay server and Exchange?

Thanks in advance for any help.
Mick34
Post #: 1
RE: Relay restrictions - 30.Dec.2003 6:17:00 PM   
mohsindabomb

 

Posts: 25
Joined: 30.Dec.2003
From: UK
Status: offline
NO, this wont solve the problem. But will actually make things worse. SMTP servers on the internet wont be able to authenticate with your smtp and wont be able to deliver you mail destined for your users. They need anonymous authentication enabled to establish an smtp session and transfer email to your server.
I'm facing the same problem. Instead of implementing relay restrications based on ip ranges or location, i want to control relaying based on user/password authentication. I havent found a way yet, but if i do i'll let you know. And if you know it, please let me know. Thanks.

RedBull.

(in reply to mick34)
Post #: 2
RE: Relay restrictions - 23.Feb.2004 8:49:00 PM   
Christ5340

 

Posts: 33
Joined: 12.Dec.2003
From: Dothan, AL
Status: offline
Turn on SMTP logging(all fields), what a couple of days, then import those text(log) files into Excel or Access and sort based on IP, grouping by counting and you can see which IP's are hitting you the most. For the IP's and domains that you don't recognize, check that IP address using ARIN, http://ws.arin.net/cgi-bin/whois.pl and see where the registrar is located. Most likely will be Asia, SA, or Europe if it's spam ore relay attemtps. I had this same problem, did what I've discussed and blocked the following netblocks at my Cisco Internet router using access-list 100 deny ip host xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx any
I blocked the following netblocks which include most all of Asia, some European, and some known US spammers and my spam is 99.999% gone.
deny ip 202.0.0.0 0.255.255.255 any
deny ip 203.0.0.0 0.255.255.255 any
deny ip 217.0.0.0 0.255.255.255 any
deny ip 218.0.0.0 0.255.255.255 any
deny ip 219.0.0.0 0.255.255.255 any
deny ip 220.0.0.0 0.255.255.255 any
deny ip 221.0.0.0 0.255.255.255 any
deny ip 222.0.0.0 0.255.255.255 any
deny ip 188.0.0.0 0.255.255.255 any
deny ip 80.0.0.0 0.255.255.255 any
deny ip 81.0.0.0 0.255.255.255 any
deny ip 82.0.0.0 0.255.255.255 any
deny ip 60.0.0.0 0.255.255.255 any
deny ip 61.0.0.0 0.255.255.255 any
deny ip 62.0.0.0 0.255.255.255 any
deny ip 210.0.0.0 0.255.255.255 any
deny ip 211.0.0.0 0.255.255.255 any
deny ip 212.0.0.0 0.255.255.255 any
deny ip 213.0.0.0 0.255.255.255 any
deny ip 193.0.0.0 0.255.255.255 any
deny ip 194.0.0.0 0.255.255.255 any
deny ip 195.0.0.0 0.255.255.255 any
deny ip 38.0.0.0 0.255.255.255 any
deny ip 43.0.0.0 0.255.255.255 any
deny ip 133.0.0.0 0.255.255.255 any
deny ip 83.0.0.0 0.255.255.255 any

(in reply to mick34)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2000] >> Server Security >> Relay restrictions Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter