pplan
asked on
SMTP secure
Hi!
We have MS Exchange 2003 and I would like to ask if our SMTP is secure against spam with the below settings of SMTP.
as I quite often find in the Exchange system manager queue, that other servers are trying to send Spam emails using our server - the emails are waiting in the queue for next connection retry - how can I avoid it? I would like these emails to be rejected by our server immediately...
our SMTP settings is:
Authentication:
Anonymous access - CHECKED
Basic authentication (password is send in clear text) - CHECKED
Integrated Windows Authentication - CHECKED
Connection:
All except the list below - CHECKED
(we have the list empty)
Relay:
Only the list below - CHECKED
(the list is empty)
Allow all computer which successfully authenticate to relay, regardless of the list above - CHECKED
thanks!
We have MS Exchange 2003 and I would like to ask if our SMTP is secure against spam with the below settings of SMTP.
as I quite often find in the Exchange system manager queue, that other servers are trying to send Spam emails using our server - the emails are waiting in the queue for next connection retry - how can I avoid it? I would like these emails to be rejected by our server immediately...
our SMTP settings is:
Authentication:
Anonymous access - CHECKED
Basic authentication (password is send in clear text) - CHECKED
Integrated Windows Authentication - CHECKED
Connection:
All except the list below - CHECKED
(we have the list empty)
Relay:
Only the list below - CHECKED
(the list is empty)
Allow all computer which successfully authenticate to relay, regardless of the list above - CHECKED
thanks!
ASKER
thanks for your advices!
we have about 20 email accounts there and people are using these email accounts also when they are travelling abroad, using their laptops (so, we have external users) - how should I set it to be able to use this?
you write:
"The Queues of spam you are seeing are going to be NDR spam, messages send to non-existant users on your domain that are being bounced back (to equally non-existant users)."
THESE EMAILS ARE ADDRESSED TO USERS WITH EMAILS ON OTHER DOMAINS THAN OURS - THE ADDRESSES ARE FOR EXAMPLE ON YAHOO, MSN ETC... - is it OK? arn't these messages delivered somehow through our server as spam?
thanks!
we have about 20 email accounts there and people are using these email accounts also when they are travelling abroad, using their laptops (so, we have external users) - how should I set it to be able to use this?
you write:
"The Queues of spam you are seeing are going to be NDR spam, messages send to non-existant users on your domain that are being bounced back (to equally non-existant users)."
THESE EMAILS ARE ADDRESSED TO USERS WITH EMAILS ON OTHER DOMAINS THAN OURS - THE ADDRESSES ARE FOR EXAMPLE ON YAHOO, MSN ETC... - is it OK? arn't these messages delivered somehow through our server as spam?
thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks a lot for your efforts!
You are most welcome :)
-red
-red
Do you have external users that use your SMTP server to send mail? If not, untick "Allow all computer which successfully authenticate to relay, regardless of the list above"
Also, set Authentication to anonymous only, then you have the optimal security settings.
The Queues of spam you are seeing are going to be NDR spam, messages send to non-existant users on your domain that are being bounced back (to equally non-existant users).
To cure this, you want to enable recipient filtering and tarpitting -> http://www.msexchange.org/tutorials/Sender-Recipient-Filtering.html
Hope that helps,
-red