Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 151
  • Last Modified:

How do we configure Exchange to only accept mail from...

Hi all,
How do we configure Windows/Exchange 2000 to only accept mail from 2 IP addresses?


1 Solution
You may be able to do this:

Open your SMTP virtual server properties -> Access -> Connection -> Only from list below and add those IP's
You could set it thru the "relaying" portions in exchange 2000 under smtp.  So, are you saying that you only are expecting inbound e-mail from 2 sources? By default SMTP [Port 25] is always listening and waiting for a host to connect to it, ready to receive e-mail.  Since Exchange could receive an e-mail from *any* other mail server (or client) in the world, the default settings are "allow all" - which makes sense.

But you could limit it to just 2.

First, here's a link to relaying, then the section in particular that is relevant:
Check microsoft's site too and learn about SMTP Relaying so you're clear on what you're doing.


Controlling SMTP virtual server relaying

1.Launch Exchange System Manager. Navigate to your SMTP virtual server (it's under Administrative Groups | yourAdminGroup | yourServerName | Protocols).
2.Right-click the virtual server and choose the Properties command.
3.Select the Access tab.
4.To restrict inbound SMTP connections to a particular address range (for example, if your POP3/IMAP4 clients are using a block of addresses via a VPN or dial-up connection), use the Connection… button to specify which addresses may make SMTP connections. Note that the settings in the Connection dialog apply to all hosts that try to use this SMTP server.

To control SMTP relaying, click the Relaying button. In the Relay Restrictions dialog box, you can do the following:
1.To turn off all relaying from everywhere, select the "Only the list below" radio button, then leave the Computers list blank. This is the default setting.
2.To allow relaying from a single computer or block of network addresses, use the Add button to add the IP addresses or blocks that you want to be able to relay. You can also allow relaying by domain name instead of IP address, although there is a performance penalty if you do.
3.To block a specific set of IP addresses, select the "All except the list below" radio button, then use the Add button to add the specific computers or network addresses that you want to be able to relay.
To allow computers that authenticate to Exchange to relay, no matter what other restrictions are in place, make sure that the "Allow all computers which successfully authenticate…" checkbox is turned on.
you could get a firewall that only allows the program to connect with 2 ip addresses + the pop3 ip. i think most firewalls do that.. except like the built in windows xp one.

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now