Solved

SBS 2003 Exchange w/Open Relay

Posted on 2008-06-10
2
556 Views
Last Modified: 2012-06-27
We have a single site that appears to have an open relay.  We receive periodic monitoring alerts "SMTP Server Remote Queue Length Alert on xyzserver.  In looking at the outgoing queues there's a few messages in there that certainly look like they don't belong.

We use the ICW wizard to configure services and have standard DSL and dual nic's in the server.  Looking for a definitive approach to shutting down the relay.
0
Comment
Question by:BBrayton
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 3

Assisted Solution

by:patrickfromsc
patrickfromsc earned 75 total points
ID: 21752906
There is an approach that I use that has a number of benefits beyond just avoiding open relaying.  If you have the SMTP port (25) forwarding on your firewall to your mail server, you are going to have spammers attempt to send mail through your server.  However, you can use a service like DynDns's Mailhop Relay and limit where your firewall accepts SMTP traffic.

There are a few steps to implement this.
1. Sign up for Mailhop Relay.
2. Change your domain's MX records to deliver mail to their mail servers, which has the added advantage of mailbagging in case you are down.
3. Configure your firewall to only accept SMTP traffic from DynDns' netblocks.

Additionally, you can configure a non-conventional port for them to deliver mail to your server, allowing you to close port 25 all together.  You can also enable Spam and Virus filtering, further reducing the load on your mail server.

Regards,
PfSC
0
 
LVL 6

Accepted Solution

by:
raptorjb007 earned 175 total points
ID: 21752911
To lock down the SMTP relay on an exchange installation. Open exchange system manager, browse down to Admistrative groups->admingroup->Servers->servername->protocols->SMTP

Right-click on the smtp virtual server and choose properties. Goto the access Tab and choose relay.

Ensure that the "only the list below" bullet is selected and only devices approved to relay are in the list. At your discretion select the "allow all computers which authenticate to relay" if you like to allow domain workstations to relay directly via smtp rather than using mapi with an exchange client, typically if you are using pop3 or imap internally this is the case.

You can also review this MS Article for more detailed information.
http://support.microsoft.com/kb/324958
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question