• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 719
  • Last Modified:

SMTP relaying

How can I set MS Exchange 2003 to allow smtp relaying only for the user that are actuly attached to my Domain/Network? I don't want any anonymous relaying.

2 Solutions
check this:

How do I prevent Exchange 2000/2003 from being used as a mail relay?
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
That's how it should be configured by default.  Especially since I'm assuming that this is on a Small Business Server (since you cross-posted to that zone) and you must configure the email service on Exchange with the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > To-Do List)

A visual how-to of which is here:  http://sbsurl.com/ceicw  (just FYI).

If you review the detailed report that the CEICW creates about what settings it modified (which is found at C:\Program Files\Microsoft Windows Small Business Server\Networking\ICW\IcwdetailsXX.htm  -- where "XX" is the incremental number assigned to this report each time you run the wizard).  The report should include the following:

Allow clients computers with an IP address within
the range of local IP addresses to relay mail through the
SMTP virtual server, which prevents spam relay.

Allow e-mail relay to local IP addresses and to
client computers that successfully authenticate against the

What you'll note is that relaying is not based on user or computer accounts but rather by IP address within the LAN (or by client authentication from outside) which makes it much more secure.  In fact, you can enhance the performance of Exchange a bit by removing all user authentication and only allowing anonymous relaying --- subject to, of course, the fact that the connection is originating within the local LAN subnet (or remotely through RPC over HTTPs or VPN only).  You should NOT clear the anonymous access box under any circumstances because otherwise that will cause you to stop getting all mail from the Internet.

In fact, you really should only review the article that amaheshwari linked above so that you understand things better but since you have an SBS let the CEICW do the job it's supposed to and you'll be safe and sound.


Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now