Solved

SMTP relaying

Posted on 2007-04-05
2
704 Views
Last Modified: 2010-03-06
How can I set MS Exchange 2003 to allow smtp relaying only for the user that are actuly attached to my Domain/Network? I don't want any anonymous relaying.

Thanks
jdff
0
Comment
Question by:jdff
2 Comments
 
LVL 18

Accepted Solution

by:
amaheshwari earned 250 total points
ID: 18862295
check this:

How do I prevent Exchange 2000/2003 from being used as a mail relay?
http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm
0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 250 total points
ID: 18862748
That's how it should be configured by default.  Especially since I'm assuming that this is on a Small Business Server (since you cross-posted to that zone) and you must configure the email service on Exchange with the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > To-Do List)

A visual how-to of which is here:  http://sbsurl.com/ceicw  (just FYI).

If you review the detailed report that the CEICW creates about what settings it modified (which is found at C:\Program Files\Microsoft Windows Small Business Server\Networking\ICW\IcwdetailsXX.htm  -- where "XX" is the incremental number assigned to this report each time you run the wizard).  The report should include the following:

Allow clients computers with an IP address within
the range of local IP addresses to relay mail through the
SMTP virtual server, which prevents spam relay.

Allow e-mail relay to local IP addresses and to
client computers that successfully authenticate against the
server.

What you'll note is that relaying is not based on user or computer accounts but rather by IP address within the LAN (or by client authentication from outside) which makes it much more secure.  In fact, you can enhance the performance of Exchange a bit by removing all user authentication and only allowing anonymous relaying --- subject to, of course, the fact that the connection is originating within the local LAN subnet (or remotely through RPC over HTTPs or VPN only).  You should NOT clear the anonymous access box under any circumstances because otherwise that will cause you to stop getting all mail from the Internet.

In fact, you really should only review the article that amaheshwari linked above so that you understand things better but since you have an SBS let the CEICW do the job it's supposed to and you'll be safe and sound.

Jeff
TechSoEasy


0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
how to add IIS SMTP to handle application/Scanner relays into office 365.

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question