Question about relaying options in Exchange 2003

I got a call from our ISP that someone is using our exchange server to relay spam.  So most likely someone is using a username/password to authenticate on the exchange smtp.  The weird thing is that when i look at the smtp logs it says that a user named "user" is being  logged but there isn't a user named user.

Anyway, my question is:

I unchecked the box under the relay restrictions that says: "allow all computers which successfully authenticate to relay regardless of the list above".  Which found by going the properties of the smtp , access tab, relay button.

When unchecked this box now it allows me to selectively specify which users can relay.  It also appears that even if I don't add a user to the list but is using outlook via mapi, it lets you send out to anyone in the internet. Is this right?  So MAPI connection doesn't require the to be added to the relay?

Also, that check box: "allow all computers which successfully authenticate to relay regardless of the list above "... when it refers to the authentication is this basically when someone from the outside have a username and password it will relay?  And when I uncheck this then it will allow me to specify show has rights , more granular control?

Also the OWA users and ActiveSync users will also be able to send emails to anyone on the internet without the need to add these users to the relay users?

Thanks in advance.
digi_netAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

florin_sCommented:
0
digi_netAuthor Commented:
Florin,

Thanks for the links and I understand these (I've actually read these)  however, i have specific questions that I'm wondering about and its not general as these links explains.

Any other advice?
0
florin_sCommented:
If your server is an open relay then anyone from exterior can send messages of your server and they do not need to authenticate.

If you let the default configurations of the SMTP virtual server, the authentication and relay buttons you should be fine(like the article says) and your owa and active sync users will be able to send messages to the internet.

allow all computers which successfully authenticate to relay regardless of the list above - this refers to intern and extern, if you add someone from extern there they can then relay over your server.
0
digi_netAuthor Commented:
I think that the MAPI users are able to send out emails even when "allow all computers which successfully authenticate to relay regardless of the list above" is unchecked.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.