Okay, I am sure all of this has been touched upon before, but I am at my wits' end and need to throw all of this on the table so that I can get answers to my dilemma.
I am running Exchange 2000 for a small business that hosts its own email as well as the email of several of its smaller clients, each with their own dedicated domain name. My problem arose when a new client was added, set up the same way all of the others have been, but they have been unable to send mail using Outlook as the client. They have full access when using the Outlook Web Access interface.
When I looked into this further, it appeared like I may have a hacker/spammer problem...okay, no. I DO have a spammer problem and I don't know how to deal with it AND provide access via Outlook to our external clients.
Everything I have read indicates that we should have all three types of authentication enabled for the Default SMTP Server, which I do. I understand that we have to have anonymous authentication enabled or else no one in our domain(s) will be able to receive mail from outside. It is my understanding that turning this off means that other servers trying to deliver mail to our accounts will be unable to because our server will reject them. If that's correct then I understand the need to leave this turned on.
Under Relay Restrictions we have the "Only the List Below" option selected with a blank list. I read that this is correct as selecting "All But The Following" turns us into an open relay and we definitely don't want that! There seems to be some debate about the "Allow all computers..." checkbox but I have it selected.
The client that is unable to send e-mail from Outlook is able to do so when I select the "All But The Following". Obviously, I can't leave this setting!
I am able to verify that we are being used for relaying by watching the connections on TCP port 25 and monitoring the Queues listed under the Default SMTP Server in Enterprise Manager. I've performed whois checks on a number of the IP addresses that attempt connections and have found many from Asia, Africa and Latin America. Coinciding with these connections are the additional queues that appear with messages sent from "postmaster@mydomain.com" - I don't have a postmaster user defined so I am taking this as evidence that these are messages being relayed through our server masked to look like they came from us - SPAM!!!!
Given the information I have read thus far, I don't understand how we can block these unwanted outside users from relaying through our servers, continue to allow legitimate messages to come into our servers for our users AND allow our remote clients to send and receive messages. Except I know that this is how it is done and there are probably hundreds of hosting services out there doing exactly this.
Can someone please clarify the purpose of each of these settings when it comes to a hosting environment such as this and what steps I can take to eliminate the relaying that is taking place and get my clients up and running with Outlook?