Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Relay problem - blocking spammers - anonymous/basic/windows integrated authentication

Posted on 2008-10-06
7
Medium Priority
?
348 Views
Last Modified: 2013-11-30
I send tons of email to customers who get their messages from us.  because some of my systems use an email addresse for actually sending, and also use a second address as the "sender", Exchange considers this a relay.  As a result I have to leave Anonymous, Basic, and WIndows Integrated authentication turned on.  I have a spmmer doing relay off my server now.  He is sending email with addresses such as this one:
 "ScotiaBank Update<customerservice@id7013146863.eppicard.com>".
How can I block these when I encounter one, without getting in the way of the rest of my outgoing email?
0
Comment
Question by:colorbars
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 8

Expert Comment

by:sstone55423
ID: 22654967
YOur exchange has to allow relay based on IP address, rather than based on domain name.  Any spammer can spoof your domain name once they figure out that you have it configured that way.
0
 

Author Comment

by:colorbars
ID: 22655047
How do I do that?  DO I create a recipient policy?  Do I create a list somewhere of IP's to allow or block?  Where do I create thie list and manage it?

Thanks!

Jim K.
0
 
LVL 8

Expert Comment

by:sstone55423
ID: 22655126
Hmmm,   You have Exchange Server 2003?  SMTP is either under the properties of the SMTP virtual server (servers | protocols)  or as a connector under the "Relay Restrictions" tab, and then "only the list below" and populate it with the ip networks within your organization.
0
What Is Blockchain Technology?

Blockchain is a technology that underpins the success of Bitcoin and other digital currencies, but it has uses far beyond finance. Learn how blockchain works and why it is proving disruptive to other areas of IT.

 
LVL 8

Accepted Solution

by:
sstone55423 earned 375 total points
ID: 22655164
I see I expressed myself badly in the last  message.  The relay restrictions is under the virtual server properties.  The connector is is a different place.  The connectors are found under ROuting Groups, Organization, connectors, Internet Mail Service properties.  I think the connector is only for outbound connections though.
0
 
LVL 8

Assisted Solution

by:smeek
smeek earned 375 total points
ID: 22655992
If you have multiple devices/systems that need to bounce email off your Exchange server, you can just add them specifically as relays to your SMTP Virtual Server.  You could also programmatically have them authenticate if they are applications or some systems.  Here are more details on relaying.
http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm

Steve

0
 

Author Comment

by:colorbars
ID: 22661724

Well, it appears I was on the right track.  I still can;t make things work the way I would like.  I did notice that in the list box where you can add IP's of computers you want to allow relay to without authentication, thatif I put in the public IP of my mail server, and the internal computers I want to be able to relay off the mail server, my mail goes out.  But I have no way of knowing if the spammers email will get on here and go out.  If I remove the public email server IP, then NO mail goes out.  I'd much rather get it working just allowing internal IP's to relay, then I know I am keeping out illicit spammer relays.  SO thanks Steve for the link!  It is helping to confirm or at least let me know I am in the right place.  Now I just need to figure out the right combination of outbound connection settings, outbound authentication, outbound security, etc.  I have not found it yet.  I can only let everyone relay it seems.  Also, in addition to allowing the public mail IP, I have to have the user "Everyone" in the users allowed box with the relay permission enabled.
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever wonder what it's like to get hit by ransomware? "Tom" gives you all the dirty details first-hand – and conveys the hard lessons his company learned in the aftermath.
If you're a modern-day technology professional, you may be wondering if certifications are really necessary. They are. Here's why.
XMind Plus helps organize all details/aspects of any project from large to small in an orderly and concise manner. If you are working on a complex project, use this micro tutorial to show you how to make a basic flow chart. The software is free when…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question