Solved

Windows 2003 SMTP User Authentication on DMZ

Posted on 2004-08-30
13
247 Views
Last Modified: 2008-03-17
I have a windows 2003 SMTP server running on a DMZ. I use it to send the incoming mail to my Exchange server 2003 running on my lan. I need to be able to authenticate with my email account so I can relay email from an outside connection, otherwise I get error 550. I need to know what ports I need to open on the firewall and how to set it up. It is any other more secure way to have this working?
0
Comment
Question by:DPRIETO
  • 5
  • 5
  • 3
13 Comments
 
LVL 20

Expert Comment

by:ikm7176
ID: 11929439
0
 
LVL 20

Expert Comment

by:ikm7176
ID: 11929464
0
 

Author Comment

by:DPRIETO
ID: 11929536
I have readed the comments but i think i did not explain myself.
What i need is to be able to send email using  outlook from outside my office, using the smtp server on DMZ. I need to be able to delivey mail to my domain and also to any other domains. Now the internal mail is route to my exchange server and is working, but when i try to send email to other domains i get 550. I need smtp server to authenticate me as an internal user and let me send the outgoing mail.
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 11929563
on the default smtp server relay setting, put a check box in the "allow authenticated users to relay"
0
 

Author Comment

by:DPRIETO
ID: 11929575
I know, but when i try to authenticate i get 'user unknown' I think i will have this server to join the domain in order to user the domain users. but if so, is this a secure solution?
0
 
LVL 20

Expert Comment

by:ikm7176
ID: 11929595
0
Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

 

Author Comment

by:DPRIETO
ID: 11929656
Let`s change the question. How do i enable internal users to send email messages to any domain from outside the office.
0
 
LVL 20

Expert Comment

by:ikm7176
ID: 11929658
if the server is not in your domain, then it will look into its local user accounts to authenticate. If you want to authenticate using windows 2003 domain user account you need to add the SMTP server to domain.
0
 

Author Comment

by:DPRIETO
ID: 11929673
Ok. How secure is this solution? recommended? Should i use any other?
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 11929716
In that case there is not much point in having it in the DMZ, but ikm7176 is right about the authentication
0
 
LVL 20

Accepted Solution

by:
ikm7176 earned 500 total points
ID: 11929730
though you can uncheck "allow authenticated users to relay" It is not recommended to not have any restrictions because anyone can use your server as an open relay

i recommend using a VPN server in your DMZ zone and allow external clients to access your SMTP server through your VPN server by creating  L2TP Session.
0
 

Author Comment

by:DPRIETO
ID: 11929740
Ok, now you know what i need. Is there any other solution more secure?
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 11929784
I definately would not leave it as an open relay as you will be blacklisted before you now it, then you will have no mail, but I do agree with ikm7176 with regards to vpn's
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now