Learn how to a build a cloud-first strategyRegister Now


Exch 2k3 - Authentication for incoming SMTP connections is default set to anonymous..what does this do?

Posted on 2006-05-30
Medium Priority
Last Modified: 2010-03-06
And should I set it to basic or something more secure than just anonymous?  or will I have problems with recieving email if I do this?  

SMTP is for sending and receiving email or just sending?  We are using IMAP and SMTP.  Does the IMAP receive?  Kinda confusing.  Thanks Experts.
Question by:Sp0cky
  • 2
  • 2
LVL 32

Accepted Solution

r-k earned 1500 total points
ID: 16793995
SMTP is for both sending and receiving, and you will have problems receiving if you remove the anonymous setting.

IMAP is the protocol used by clients (i.e. your users) to access their mail from your server.

Author Comment

ID: 16794052
Ok.  Thank you!

p.s. That has nothing to do with loggin onto the server or domain itself right?  I mean, is it or could it be considered a security hole of some sort?
LVL 32

Expert Comment

ID: 16794139
No, it has nothing to do with logging in on the server, it is strictly for incoming email. In effect, you are saying that any email server in the world can connect to your server to send you email. I am assuming this is what you want (most people would).

Re. security, you want to make sure your server is not an open relay. See:


I believe Exch 2003 is relay secure by default, but you can test your server by going to: http://www.abuse.net/relay.html

Also, you may find the following helpful for reducing spam:


Also, for Security, anytime you have a server that faces the internet, such as an Exchange server, there is some small risk that it could be hacked and abused. What you should do about it depends on how sensitive is the network you are trying to protect (e.g. a bank) and how much money and effort you want to put into it. At the minimum, I would suggest that you (a) Do regular backups, both Exchange database and System State (b) Apply all security updates from MS promptly (c) Download and run MBSA from http://www.microsoft.com/technet/security/tools/mbsahome.mspx and see what other updates you might need (d) use a Firewall to block unnecessary ports and (e) Use long (> 10 chars) passwords for the Admin account(s).

You can also browse web forums such as this one to see others are recommending.

Good luck (don't forget those nightly backups)

Author Comment

ID: 16794169
Ok!  Thanks much r-k!!

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
Exchange administrators are always vigilant about Exchange crashes and disasters that are possible any time. It is quite essential to identify the symptoms of a possible Exchange issue and be prepared with a proper recovery plan. There are multiple…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question