Solved

SBS 2003 Exchange w/Open Relay

Posted on 2008-06-10
2
551 Views
Last Modified: 2012-06-27
We have a single site that appears to have an open relay.  We receive periodic monitoring alerts "SMTP Server Remote Queue Length Alert on xyzserver.  In looking at the outgoing queues there's a few messages in there that certainly look like they don't belong.

We use the ICW wizard to configure services and have standard DSL and dual nic's in the server.  Looking for a definitive approach to shutting down the relay.
0
Comment
Question by:BBrayton
2 Comments
 
LVL 3

Assisted Solution

by:patrickfromsc
patrickfromsc earned 75 total points
ID: 21752906
There is an approach that I use that has a number of benefits beyond just avoiding open relaying.  If you have the SMTP port (25) forwarding on your firewall to your mail server, you are going to have spammers attempt to send mail through your server.  However, you can use a service like DynDns's Mailhop Relay and limit where your firewall accepts SMTP traffic.

There are a few steps to implement this.
1. Sign up for Mailhop Relay.
2. Change your domain's MX records to deliver mail to their mail servers, which has the added advantage of mailbagging in case you are down.
3. Configure your firewall to only accept SMTP traffic from DynDns' netblocks.

Additionally, you can configure a non-conventional port for them to deliver mail to your server, allowing you to close port 25 all together.  You can also enable Spam and Virus filtering, further reducing the load on your mail server.

Regards,
PfSC
0
 
LVL 6

Accepted Solution

by:
raptorjb007 earned 175 total points
ID: 21752911
To lock down the SMTP relay on an exchange installation. Open exchange system manager, browse down to Admistrative groups->admingroup->Servers->servername->protocols->SMTP

Right-click on the smtp virtual server and choose properties. Goto the access Tab and choose relay.

Ensure that the "only the list below" bullet is selected and only devices approved to relay are in the list. At your discretion select the "allow all computers which authenticate to relay" if you like to allow domain workstations to relay directly via smtp rather than using mapi with an exchange client, typically if you are using pop3 or imap internally this is the case.

You can also review this MS Article for more detailed information.
http://support.microsoft.com/kb/324958
0

Featured Post

[Webinar] Disaster Recovery and Cloud Management

Learn from Unigma and CloudBerry industry veterans which providers are best for certain use cases and how to lower cloud costs, how to grow your Managed Services practice in IaaS clouds, and how to utilize public cloud for Disaster Recovery

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now