I’m wondering what settings I should use for SMTP authentication, where the single mail server in question receives mail from external sources, and it’s also the mail server for an internal Windows 2003 domain.
I’ve been looking at the authentication settings, but I’m not confident in my own knowledge on securing Exchange 2003.
The setting I believe I need to tighten are located in: Exchange System Manager > Administrative groups > First administrative group > Server > srv01 > Protocols > SMTP > Default SMTP Virtual Server Properties > Access > Authentication.
The defaults are…
[X] Anonymous access
---[ ] Resolve anonymous email
[X] Basic authentication (password is sent in clear text)
---[ ] Requires TLS encryption
---__________ Default domain
[X] Integrated Windows Authentication
Can someone advise?