Solved

Windows 2003 SMTP User Authentication on DMZ

Posted on 2004-08-30
13
248 Views
Last Modified: 2008-03-17
I have a windows 2003 SMTP server running on a DMZ. I use it to send the incoming mail to my Exchange server 2003 running on my lan. I need to be able to authenticate with my email account so I can relay email from an outside connection, otherwise I get error 550. I need to know what ports I need to open on the firewall and how to set it up. It is any other more secure way to have this working?
0
Comment
Question by:DPRIETO
  • 5
  • 5
  • 3
13 Comments
 
LVL 20

Expert Comment

by:ikm7176
ID: 11929439
0
 
LVL 20

Expert Comment

by:ikm7176
ID: 11929464
0
 

Author Comment

by:DPRIETO
ID: 11929536
I have readed the comments but i think i did not explain myself.
What i need is to be able to send email using  outlook from outside my office, using the smtp server on DMZ. I need to be able to delivey mail to my domain and also to any other domains. Now the internal mail is route to my exchange server and is working, but when i try to send email to other domains i get 550. I need smtp server to authenticate me as an internal user and let me send the outgoing mail.
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 11929563
on the default smtp server relay setting, put a check box in the "allow authenticated users to relay"
0
 

Author Comment

by:DPRIETO
ID: 11929575
I know, but when i try to authenticate i get 'user unknown' I think i will have this server to join the domain in order to user the domain users. but if so, is this a secure solution?
0
 
LVL 20

Expert Comment

by:ikm7176
ID: 11929595
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:DPRIETO
ID: 11929656
Let`s change the question. How do i enable internal users to send email messages to any domain from outside the office.
0
 
LVL 20

Expert Comment

by:ikm7176
ID: 11929658
if the server is not in your domain, then it will look into its local user accounts to authenticate. If you want to authenticate using windows 2003 domain user account you need to add the SMTP server to domain.
0
 

Author Comment

by:DPRIETO
ID: 11929673
Ok. How secure is this solution? recommended? Should i use any other?
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 11929716
In that case there is not much point in having it in the DMZ, but ikm7176 is right about the authentication
0
 
LVL 20

Accepted Solution

by:
ikm7176 earned 500 total points
ID: 11929730
though you can uncheck "allow authenticated users to relay" It is not recommended to not have any restrictions because anyone can use your server as an open relay

i recommend using a VPN server in your DMZ zone and allow external clients to access your SMTP server through your VPN server by creating  L2TP Session.
0
 

Author Comment

by:DPRIETO
ID: 11929740
Ok, now you know what i need. Is there any other solution more secure?
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 11929784
I definately would not leave it as an open relay as you will be blacklisted before you now it, then you will have no mail, but I do agree with ikm7176 with regards to vpn's
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data‚Ķ
how to add IIS SMTP to handle application/Scanner relays into office 365.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now