Solved

SMTP relaying

Posted on 2007-04-05
2
701 Views
Last Modified: 2010-03-06
How can I set MS Exchange 2003 to allow smtp relaying only for the user that are actuly attached to my Domain/Network? I don't want any anonymous relaying.

Thanks
jdff
0
Comment
Question by:jdff
2 Comments
 
LVL 18

Accepted Solution

by:
amaheshwari earned 250 total points
ID: 18862295
check this:

How do I prevent Exchange 2000/2003 from being used as a mail relay?
http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm
0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 250 total points
ID: 18862748
That's how it should be configured by default.  Especially since I'm assuming that this is on a Small Business Server (since you cross-posted to that zone) and you must configure the email service on Exchange with the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > To-Do List)

A visual how-to of which is here:  http://sbsurl.com/ceicw  (just FYI).

If you review the detailed report that the CEICW creates about what settings it modified (which is found at C:\Program Files\Microsoft Windows Small Business Server\Networking\ICW\IcwdetailsXX.htm  -- where "XX" is the incremental number assigned to this report each time you run the wizard).  The report should include the following:

Allow clients computers with an IP address within
the range of local IP addresses to relay mail through the
SMTP virtual server, which prevents spam relay.

Allow e-mail relay to local IP addresses and to
client computers that successfully authenticate against the
server.

What you'll note is that relaying is not based on user or computer accounts but rather by IP address within the LAN (or by client authentication from outside) which makes it much more secure.  In fact, you can enhance the performance of Exchange a bit by removing all user authentication and only allowing anonymous relaying --- subject to, of course, the fact that the connection is originating within the local LAN subnet (or remotely through RPC over HTTPs or VPN only).  You should NOT clear the anonymous access box under any circumstances because otherwise that will cause you to stop getting all mail from the Internet.

In fact, you really should only review the article that amaheshwari linked above so that you understand things better but since you have an SBS let the CEICW do the job it's supposed to and you'll be safe and sound.

Jeff
TechSoEasy


0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
"Migrate" an SMTP relay receive connector to a new server using info from an old server.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now