Solved

SMTP relaying

Posted on 2007-04-05
2
708 Views
Last Modified: 2010-03-06
How can I set MS Exchange 2003 to allow smtp relaying only for the user that are actuly attached to my Domain/Network? I don't want any anonymous relaying.

Thanks
jdff
0
Comment
Question by:jdff
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 18

Accepted Solution

by:
amaheshwari earned 250 total points
ID: 18862295
check this:

How do I prevent Exchange 2000/2003 from being used as a mail relay?
http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm
0
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 250 total points
ID: 18862748
That's how it should be configured by default.  Especially since I'm assuming that this is on a Small Business Server (since you cross-posted to that zone) and you must configure the email service on Exchange with the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > To-Do List)

A visual how-to of which is here:  http://sbsurl.com/ceicw  (just FYI).

If you review the detailed report that the CEICW creates about what settings it modified (which is found at C:\Program Files\Microsoft Windows Small Business Server\Networking\ICW\IcwdetailsXX.htm  -- where "XX" is the incremental number assigned to this report each time you run the wizard).  The report should include the following:

Allow clients computers with an IP address within
the range of local IP addresses to relay mail through the
SMTP virtual server, which prevents spam relay.

Allow e-mail relay to local IP addresses and to
client computers that successfully authenticate against the
server.

What you'll note is that relaying is not based on user or computer accounts but rather by IP address within the LAN (or by client authentication from outside) which makes it much more secure.  In fact, you can enhance the performance of Exchange a bit by removing all user authentication and only allowing anonymous relaying --- subject to, of course, the fact that the connection is originating within the local LAN subnet (or remotely through RPC over HTTPs or VPN only).  You should NOT clear the anonymous access box under any circumstances because otherwise that will cause you to stop getting all mail from the Internet.

In fact, you really should only review the article that amaheshwari linked above so that you understand things better but since you have an SBS let the CEICW do the job it's supposed to and you'll be safe and sound.

Jeff
TechSoEasy


0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question