Lock down MS Exchange Server Question

witgrefe
witgrefe used Ask the Experts™
on
I have a Microsoft Exchange server 5.5 loaded on NT 4.0.  I want to lock it down so that mail can be sent to and from users in the Recipients list and prevent any email being routed through my server by people who send multitudes of emails via someoneelse's server to hide their identity.

Can some one please tell me what configurationchanges should be made.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
Hello,

This regkey will stop your exchange to act as an open relay and permit only authenticated users to send mail.

Stop Internet Mail Service , add/modify this key and restart it.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIMC\Parameters]
"RelayFlags"=dword:00000008

You will have to check also to see if you are listed in spamlists. Go to www.openrbl.org and enter the ip of your exchange server. If you see entries saying that the server was reported as open relay then you will have to foolow the steps indicated to be removed.

Mishou
You should probably configure this through Exchange Administrator rather than a registry hack. In Exchange Administrator, Expand your site, then Configuration and go to Connections. Oen Internet Mail Service from the right pane. Go to the Routing tab. The setting here depend on what type of clinets you are using. If all your clients use Outlook MAPI and you don't have any valid sources on your network that need to bounce mail off your server, then you can select the "Do not reroute incomming SMTP mail" checkbox. If uou have POP3, IMAP4 or applications on your network that relay mail, click the routing restrictions tab and check the "Hosts and clients that successfully authenticate" box. You can also add specifc IPs if you have applications that need to relay without authenticating. If you have POP3 or IMAP4 clients, you will have to make sure they are configured to authenticate before they send email.

Commented:
Here is a good article on checking this - http://www.exchangeadmin.com/Articles/Index.cfm?ArticleID=7696.

Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
I configured Exchange as follows:
On the Routing Tab, I allowed routing and ticked the Routing Restrictions box, but did not enter any address.  I had the server checked as a relay and got the report that it is not relaying.  The Registry relay setting is now 3.  I presume that is ok.  But, I seem to be having difficulty in sending mail to recipients on that server, any ideas?

I did not click "Do not reroute incomming SMTP mail" on the routing tab, because I was told that that setting will not be good enough for the relay test as it delivers a message back or something like that.
Regards
On the routing tab, make you you have an entry for your domain set to route as <inbound>.

Author

Commented:
I rebooted and that did the trick

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial