SBS 2003, Exchange 2003, smtp rejects incoming mail, 454 5.7.3 Client was not authenticated.

Settings of SMTP server:
IP - all unassigned
Access Control - Basic Authentication, Windows Integrated Authentication
Users - Anonymous logon, everyone - submit, authenticated users - submit, relay
Connection control - all except the list below and field is empty
Relay - Only the list below and empty field + checked Allow all computers which ......................
Outbound security - Anonymous Access

In Outlook I have to check authenticate to send email, and it is going ok.

If I in Access Control check Anonymous access, it is possible to send spam over this smtp server. I'm testing it using telnet.

Pls help me, if you know answer.

Thanks a lot
jsyselAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gpriceeeCommented:
Access Control --> select Anonymous access (this allows emial to be delivered to you)
                      --> clear Basic

                      --> Users Check Submit
                      --> Users Clear Relay

Connection control is okay
Relay is okay
Outbound is okay


jsyselAuthor Commented:
If I check Anonymous access, I'm unable to set to users or group of users, this button is unavailable. I try spam test and it allow all emails I tried to sent.
gpriceeeCommented:
Restart the virtual server
CompTIA Network+

Prepare for the CompTIA Network+ exam by learning how to troubleshoot, configure, and manage both wired and wireless networks.

jsyselAuthor Commented:
Nothing helped. Spam is still going thru. I need to get rid of spam and incoming messages should be accepted.
gpriceeeCommented:
SPAM is different from relaying.  SPAM requires filtering.  You can try the Microsoft Intelligent Message Filter:
 http://www.microsoft.com/downloads/details.aspx?familyid=C1B08F7B-8CAF-4147-B074-8C9C8F277071&displaylang=en
jsyselAuthor Commented:
I know this anti-spam filter. But if I change Anonymous access, then everybody can send emails using their email addresses to another addresses, that doesn't belongs to my domain. So I need to be able, to receive messages from everyone and to disable messages from anyone to someone else.
gpriceeeCommented:
Hi.  
Have you stopped and restarted the virtual server?  SMTP?  
After you make changed to the virtual server, you should restart it.  After you make changes to an SMTP connector, you should restart the SMTP service.

Are you attempting to receive messages from everyone but deliver messages to no one external?
jsyselAuthor Commented:
I restarted SMTP virtual server and SMTP service too.

I can send messages to anyone, I can receive messages only from users, that are in my domain(they have to login to send emails).
gpriceeeCommented:
Hi.  If you don't allow anonymous authentication, you won't be able to receive email from external users.  Their servers do not know the authentication for your server; thus, anonymous.

Do you actually have SPAM being sent from your server?

Ultimately, how do you want to protect your email?  A prefered method is top have an SMTP box residing in the DMZ and have that box forward to the Exchange server.  
jsyselAuthor Commented:
Now it is not possible to do it this way. Because our financial situation is not good. So we have email server and before it firewall. If I allow anonymous access, than can anybody send message in the following format:
My domain: xxx.com

his domain: yyy.com
sending email to domain: zzz.com

he's able to send emails from anywhere using any email address to be source and any email address to be destination. I can't allow this. If you want to know more settings, pls just ask.
gpriceeeCommented:
Hi.  Please check the following KB article to ensure that your server actually is a relay agent and not just seeming to be one because of testing.  Exchange can "look" like an open relay to testing but actually isn't:
http://support.microsoft.com/?kbid=304897

If it actuall is a relay, links at the bottom of the article need to be reviewed.  Remember, you need anonymous access if you're going to allow other email servers to deliver mail to you; otherwise, you'd have to call the admin of every server delivering mail to you and setup authentication.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
gpriceeeCommented:
Here is a very good link to check your server for relay issues:
http://support.microsoft.com/?kbid=895853&SD=tech

How is it going?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.