Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Security issue on exchange server

Posted on 2008-09-30
7
Medium Priority
?
205 Views
Last Modified: 2012-05-05
hi all

i have recently installed exchange 2007 and i have came up against a few issues that i hope i can get resolved

1. We have a script that runs on one server to send emails to certain customers - the problem being it would not work until i set the script to "NOT" authenticate as the administrator - it now sends email by passing straight to a mailbox !! what have i missed that is allowing this lapse in security?

2. I have been advised that i really should of went with an edge server, which i did not do. I can see the benefits obviously, but as we use a product from gfi that basically does the same by sitting in front of exchange and filters spam etc i thought there was really no need - plus i wanted to save on the hardware, am i really doing anything to cause concern considering we have less than 100 mailboxs?

0
Comment
Question by:meteorelec
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 25

Accepted Solution

by:
kieran_b earned 700 total points
ID: 22604313
1. the admin account has a lot of restrictions on it - but the fact that you are sending to internal users means you don't need to authenticate anyway - not a security flaw, a feature

2. I am yet to see a great need for an edge server in the real world...
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22604325
can you create a user for this service only? and authenicate the script using this new user? raher than appearing as a real users name?
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22604335
or just permit the ip address of the server the script runs on to relay trough your exchange server which wont require authenticaton
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 2

Author Comment

by:meteorelec
ID: 22604449
i am sending on behalf of an internal address to external address's

eg services@companyname.com  to joebloggs@hotmail.com

forgot i could restrict in relay by ip address!! that should tie it down pretty much

Can anyone think why a support guy (microsoft techy) would be very adament that i need an edge server? or is he a little to brain washed?

0
 
LVL 25

Expert Comment

by:kieran_b
ID: 22604534
I would say that is the brainwashing...

For your size network, it is unnecessary - the other Exchange MVPs seem to agree as well
0
 
LVL 11

Assisted Solution

by:Bertling
Bertling earned 700 total points
ID: 22604579
0
 
LVL 2

Author Comment

by:meteorelec
ID: 22605577
thanks for advice guys
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question