Solved

SMTP relaying

Posted on 2007-04-05
2
706 Views
Last Modified: 2010-03-06
How can I set MS Exchange 2003 to allow smtp relaying only for the user that are actuly attached to my Domain/Network? I don't want any anonymous relaying.

Thanks
jdff
0
Comment
Question by:jdff
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 18

Accepted Solution

by:
amaheshwari earned 250 total points
ID: 18862295
check this:

How do I prevent Exchange 2000/2003 from being used as a mail relay?
http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm
0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 250 total points
ID: 18862748
That's how it should be configured by default.  Especially since I'm assuming that this is on a Small Business Server (since you cross-posted to that zone) and you must configure the email service on Exchange with the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > To-Do List)

A visual how-to of which is here:  http://sbsurl.com/ceicw  (just FYI).

If you review the detailed report that the CEICW creates about what settings it modified (which is found at C:\Program Files\Microsoft Windows Small Business Server\Networking\ICW\IcwdetailsXX.htm  -- where "XX" is the incremental number assigned to this report each time you run the wizard).  The report should include the following:

Allow clients computers with an IP address within
the range of local IP addresses to relay mail through the
SMTP virtual server, which prevents spam relay.

Allow e-mail relay to local IP addresses and to
client computers that successfully authenticate against the
server.

What you'll note is that relaying is not based on user or computer accounts but rather by IP address within the LAN (or by client authentication from outside) which makes it much more secure.  In fact, you can enhance the performance of Exchange a bit by removing all user authentication and only allowing anonymous relaying --- subject to, of course, the fact that the connection is originating within the local LAN subnet (or remotely through RPC over HTTPs or VPN only).  You should NOT clear the anonymous access box under any circumstances because otherwise that will cause you to stop getting all mail from the Internet.

In fact, you really should only review the article that amaheshwari linked above so that you understand things better but since you have an SBS let the CEICW do the job it's supposed to and you'll be safe and sound.

Jeff
TechSoEasy


0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange in house vs office 365 for security 6 43
Purge \Deleted Items? 2 31
Moving on from sbs 2008... 36 80
Exchange 2013 - Outlook 2013 clients lagging 2 34
Utilizing an array to gracefully append to a list of EmailAddresses
We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question