digi_net
asked on
Question about relaying options in Exchange 2003
I got a call from our ISP that someone is using our exchange server to relay spam. So most likely someone is using a username/password to authenticate on the exchange smtp. The weird thing is that when i look at the smtp logs it says that a user named "user" is being logged but there isn't a user named user.
Anyway, my question is:
I unchecked the box under the relay restrictions that says: "allow all computers which successfully authenticate to relay regardless of the list above". Which found by going the properties of the smtp , access tab, relay button.
When unchecked this box now it allows me to selectively specify which users can relay. It also appears that even if I don't add a user to the list but is using outlook via mapi, it lets you send out to anyone in the internet. Is this right? So MAPI connection doesn't require the to be added to the relay?
Also, that check box: "allow all computers which successfully authenticate to relay regardless of the list above "... when it refers to the authentication is this basically when someone from the outside have a username and password it will relay? And when I uncheck this then it will allow me to specify show has rights , more granular control?
Also the OWA users and ActiveSync users will also be able to send emails to anyone on the internet without the need to add these users to the relay users?
Thanks in advance.
Anyway, my question is:
I unchecked the box under the relay restrictions that says: "allow all computers which successfully authenticate to relay regardless of the list above". Which found by going the properties of the smtp , access tab, relay button.
When unchecked this box now it allows me to selectively specify which users can relay. It also appears that even if I don't add a user to the list but is using outlook via mapi, it lets you send out to anyone in the internet. Is this right? So MAPI connection doesn't require the to be added to the relay?
Also, that check box: "allow all computers which successfully authenticate to relay regardless of the list above "... when it refers to the authentication is this basically when someone from the outside have a username and password it will relay? And when I uncheck this then it will allow me to specify show has rights , more granular control?
Also the OWA users and ActiveSync users will also be able to send emails to anyone on the internet without the need to add these users to the relay users?
Thanks in advance.
ASKER
Florin,
Thanks for the links and I understand these (I've actually read these) however, i have specific questions that I'm wondering about and its not general as these links explains.
Any other advice?
Thanks for the links and I understand these (I've actually read these) however, i have specific questions that I'm wondering about and its not general as these links explains.
Any other advice?
If your server is an open relay then anyone from exterior can send messages of your server and they do not need to authenticate.
If you let the default configurations of the SMTP virtual server, the authentication and relay buttons you should be fine(like the article says) and your owa and active sync users will be able to send messages to the internet.
allow all computers which successfully authenticate to relay regardless of the list above - this refers to intern and extern, if you add someone from extern there they can then relay over your server.
If you let the default configurations of the SMTP virtual server, the authentication and relay buttons you should be fine(like the article says) and your owa and active sync users will be able to send messages to the internet.
allow all computers which successfully authenticate to relay regardless of the list above - this refers to intern and extern, if you add someone from extern there they can then relay over your server.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Please see the following articles for information about relaying and how to prevent it:
http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm
http://www.amset.info/exchange/filter-unknown.asp
http://support.microsoft.com/kb/895853