colorbars
asked on
Relay problem - blocking spammers - anonymous/basic/windows integrated authentication
I send tons of email to customers who get their messages from us. because some of my systems use an email addresse for actually sending, and also use a second address as the "sender", Exchange considers this a relay. As a result I have to leave Anonymous, Basic, and WIndows Integrated authentication turned on. I have a spmmer doing relay off my server now. He is sending email with addresses such as this one:
"ScotiaBank Update<customerservice@id7 013146863. eppicard.c om>".
How can I block these when I encounter one, without getting in the way of the rest of my outgoing email?
"ScotiaBank Update<customerservice@id7
How can I block these when I encounter one, without getting in the way of the rest of my outgoing email?
YOur exchange has to allow relay based on IP address, rather than based on domain name. Any spammer can spoof your domain name once they figure out that you have it configured that way.
ASKER
How do I do that? DO I create a recipient policy? Do I create a list somewhere of IP's to allow or block? Where do I create thie list and manage it?
Thanks!
Jim K.
Thanks!
Jim K.
Hmmm, You have Exchange Server 2003? SMTP is either under the properties of the SMTP virtual server (servers | protocols) or as a connector under the "Relay Restrictions" tab, and then "only the list below" and populate it with the ip networks within your organization.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well, it appears I was on the right track. I still can;t make things work the way I would like. I did notice that in the list box where you can add IP's of computers you want to allow relay to without authentication, thatif I put in the public IP of my mail server, and the internal computers I want to be able to relay off the mail server, my mail goes out. But I have no way of knowing if the spammers email will get on here and go out. If I remove the public email server IP, then NO mail goes out. I'd much rather get it working just allowing internal IP's to relay, then I know I am keeping out illicit spammer relays. SO thanks Steve for the link! It is helping to confirm or at least let me know I am in the right place. Now I just need to figure out the right combination of outbound connection settings, outbound authentication, outbound security, etc. I have not found it yet. I can only let everyone relay it seems. Also, in addition to allowing the public mail IP, I have to have the user "Everyone" in the users allowed box with the relay permission enabled.