Spam issues - Need to lock Exchange Server down RE: Outbound SMTP

Posted on 2008-11-05
Last Modified: 2013-12-09
Hi there,

My clients network consists of 30 LAN users and 2 Servers.
DC/Mail Server is running SBS2003 with Exchange 2003 SP2. Second server runs Server 2003 Standard R2.

The current firewall set-up only allows mail from Message Labs IP addresses inbound. The DC smart hosts outbound via a Message Labs FQDN. The firewall also blocks 25 outbound by default, and only the DC/Mail Server can send via SMTP port 25. This all works well. Clients cannot telnet outbound on 25 within the LAN.

The problem is that my client is still receiving spam mail! Message Labs have a whitelist for valid e-mail addresses that are allowed to send from our network. This whitelist gets updated automatically when a user sends mail successfully outbound. It's handy when you create a new user within the LAN because all you have to do is send one test e-mail outbound and the Message Labs whitelists is updated automatically. This is a feature they cannot turn off. What is now happening is that the whitelist is constantly populated with fake e-mail addresses. This tells me that someone within the LAN is sending spam messages outbound.

I have scanned the network with "sniffing" software but there is not much going on. I have manually gone around to all client PCs and searched for anything out of the ordinary but to no avail. I also scanned our servers but cannot find anything. At this point I am stressed out a bit!

Is there a really good way of locking down our DC/Mail server so that only Active Directory users can send/receive mail? Any help with this would be much appreciated.

Thanks in Advance.
Question by:wilsonkjit
    LVL 12

    Expert Comment

    You can set Exchange to only allow specific PC's in the domain to send/receive mail. Just take a look at the settings on your Default SMTP Connector.

    Author Comment

    Thanks for the comment.
    Rather than having PCs able to route mail via the server, is there a good way to only allow Active Directory users/groups?
    LVL 32

    Accepted Solution

    You can check "Authenticated users only" and then uncheck Anonymous Users
    I would also follow this:

    Author Comment

    Thanks for that.
    I'll enable this option via SMTP VS properties & let you know how I go.

    LVL 32

    Expert Comment


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Want to promote your upcoming event?

    Is your company attending an event or exhibiting at a trade show soon? Are you speaking at a conference? Spread the word by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

    Set OWA language and time zone in Exchange for individuals, all users or per database.
    "Migrate" an SMTP relay receive connector to a new server using info from an old server.
    The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
    how to add IIS SMTP to handle application/Scanner relays into office 365.

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now