?
Solved

Windows 2003 SMTP User Authentication on DMZ

Posted on 2004-08-30
13
Medium Priority
?
257 Views
Last Modified: 2008-03-17
I have a windows 2003 SMTP server running on a DMZ. I use it to send the incoming mail to my Exchange server 2003 running on my lan. I need to be able to authenticate with my email account so I can relay email from an outside connection, otherwise I get error 550. I need to know what ports I need to open on the firewall and how to set it up. It is any other more secure way to have this working?
0
Comment
Question by:DPRIETO
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
  • 3
13 Comments
 
LVL 20

Expert Comment

by:ikm7176
ID: 11929439
0
 
LVL 20

Expert Comment

by:ikm7176
ID: 11929464
0
 

Author Comment

by:DPRIETO
ID: 11929536
I have readed the comments but i think i did not explain myself.
What i need is to be able to send email using  outlook from outside my office, using the smtp server on DMZ. I need to be able to delivey mail to my domain and also to any other domains. Now the internal mail is route to my exchange server and is working, but when i try to send email to other domains i get 550. I need smtp server to authenticate me as an internal user and let me send the outgoing mail.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 12

Expert Comment

by:ColinRoyds
ID: 11929563
on the default smtp server relay setting, put a check box in the "allow authenticated users to relay"
0
 

Author Comment

by:DPRIETO
ID: 11929575
I know, but when i try to authenticate i get 'user unknown' I think i will have this server to join the domain in order to user the domain users. but if so, is this a secure solution?
0
 
LVL 20

Expert Comment

by:ikm7176
ID: 11929595
0
 

Author Comment

by:DPRIETO
ID: 11929656
Let`s change the question. How do i enable internal users to send email messages to any domain from outside the office.
0
 
LVL 20

Expert Comment

by:ikm7176
ID: 11929658
if the server is not in your domain, then it will look into its local user accounts to authenticate. If you want to authenticate using windows 2003 domain user account you need to add the SMTP server to domain.
0
 

Author Comment

by:DPRIETO
ID: 11929673
Ok. How secure is this solution? recommended? Should i use any other?
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 11929716
In that case there is not much point in having it in the DMZ, but ikm7176 is right about the authentication
0
 
LVL 20

Accepted Solution

by:
ikm7176 earned 1500 total points
ID: 11929730
though you can uncheck "allow authenticated users to relay" It is not recommended to not have any restrictions because anyone can use your server as an open relay

i recommend using a VPN server in your DMZ zone and allow external clients to access your SMTP server through your VPN server by creating  L2TP Session.
0
 

Author Comment

by:DPRIETO
ID: 11929740
Ok, now you know what i need. Is there any other solution more secure?
0
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 11929784
I definately would not leave it as an open relay as you will be blacklisted before you now it, then you will have no mail, but I do agree with ikm7176 with regards to vpn's
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses
Course of the Month13 days, 6 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question