SMTP -> Relay settings. (Full Version)

All Forums >> [Microsoft Exchange 2000] >> Server Security


zabagar -> SMTP -> Relay settings. (4.Jun.2004 5:42:00 PM)

I want to make sure I understand this correctly - let me know if I am wrong with the below statments:

Under the SMTP virtual server properties, Access Control, Authentication button - I should keep "anonymous access" checked because you never know what system is sending you e-mail. So it needs to allow anonymous - otherwise, you won't receive your email!

What about the "Relay Restrictions" button? I kept the default Exchange 2000 settings, which is to: "Allow all computers which successfully authenticate to relay, regardless of the list above" - is that a security hole by default?

My setup is simple. 1 exchange server with mainly the defaults exchange 2000 comes with. Is there an inherent security leak there, or no?

Ideally, the only people I'd want "relaying" are the ones with a valid account & password. Are these default settings doing that for me?

-many thanks.

pvong -> RE: SMTP -> Relay settings. (4.Jun.2004 6:43:00 PM)

This will answer your question.

Guest -> RE: SMTP -> Relay settings. (23.Jun.2004 5:01:00 PM)

I'd just like to say that even after reading that article I am still perplexed about what my server is doing. Apparently although all those settings were set as suggested someone was still able to put over 10K of undeliverable "viagra and cialis" messages into my outgoing queue. I do not currently know how many "deliverable" ones did get though. I am becomming very nevous about appearing on open relay or black lists. Without haveing my client change the outgoing mail server how does one prevent this? Open relay tests that I have run have come up with RCPT TO: <""> as an accepted relay. Now I do not know if that is the garbarge getting stuck in my undeliverable queue but when you have over 50Gigs of bad mail in less then a week it tends to cause problems.

raedaljarrah -> RE: SMTP -> Relay settings. (24.Jun.2004 7:42:00 AM)

Hi ,

I am also concerned about certain viruses or worms sending messages in this way using actual accounts after obtaining a list of user names and go on guissing their passwords .

This happens frequently on our network when you get a message in your mail box from the system administrator account of a certain domain saying that your message was infected , so on .

You know that you did not send any message to this domain .

What could possibly be wrong in this case ?


Page: [1]