Solved

disabling outbound email - sbs2003

Posted on 2008-11-03
12
295 Views
Last Modified: 2010-04-19
if i disable a user account in aduc will this stop the user being able to send outbound email? i am running a sbs2003 environment with xp workstations.
0
Comment
Question by:brad2000smith
  • 7
  • 5
12 Comments
 
LVL 3

Expert Comment

by:Yossarian-22
ID: 22867437
If your SMTP-server requires authentication, then that particular user will not be able to send messages directly. The SMTP is the only weakness, since often administrators allow unauthenticated relaying from within the local network address range.
0
 
LVL 3

Expert Comment

by:Yossarian-22
ID: 22867455
Oh, and Exchange is also off limits for that user, because there the AD authentication is strictly enforced by the server.
0
 

Author Comment

by:brad2000smith
ID: 22867464
could you explain this please?  i need to stop certain users sending external email, and they currently have this available to them.
0
 

Author Comment

by:brad2000smith
ID: 22867486
we are using exchange
0
 
LVL 3

Expert Comment

by:Yossarian-22
ID: 22867578
Your Exchange server uses the Exchange protocol that Outlook can connect to directly. Since you disabled the account, the user won't be able to send mails via Outlook anymore.
Your Exchange server also contains an SMTP server. If your user connects to this one directly, he may be able to send emails through the server. It depends on the settings of the SMTP-server. Often they are configured to relay without authentication from within the local network. Set your SMTP to accept only authenticated connections and this loophole is also closed. See http://support.microsoft.com/kb/823019
0
 

Author Comment

by:brad2000smith
ID: 22867625
ok, thats great.  i dont know if our SMTP server requires authentication but we use outlook and exchange, i have disabled the account in ADUC, so this should do the trick?
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 3

Expert Comment

by:Yossarian-22
ID: 22867672
0
 
LVL 3

Expert Comment

by:Yossarian-22
ID: 22867678
sorry, wrong post.
0
 
LVL 3

Expert Comment

by:Yossarian-22
ID: 22867697
Yes, disabling the user should do the trick - if your users access the Exchange server by Outlook and/or Outlook web access.
If they use Outlook express or another POP3/IMAP/SMTP client, they may be able to send emails, if your SMTP is not well configured as outlined before.
0
 

Author Comment

by:brad2000smith
ID: 22867709
ah anonymous access is ticked - under ESM>Administrative Groups>First Administrative Group>Servers>Server Name>Protocols>SMTP>Default SMTP Virtual Server>Properties>Access>Authentication>  along with basic authentication and integrated windows authentication.
0
 

Author Comment

by:brad2000smith
ID: 22867735
ok thank you. just needed to stop a user sending something they shouldnt be asap! thanks
0
 
LVL 3

Accepted Solution

by:
Yossarian-22 earned 500 total points
ID: 22867883
Then you should be on the safe side.
Just keep in mind to edit any software which uses the SMTP server now that you have disabled anonymous access. This could be an Adaptec raid-monitor or backup solution which sends out status reports.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

In the event you manage a Small Business Server 2003, and you are audited for PCI compliance, there are several changes you must make in order to pass the audit. I can take no credit for discovering any of these fixes or workarounds, but there is no…
I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now