Spam issues - Need to lock Exchange Server down RE: Outbound SMTP

Hi there,

My clients network consists of 30 LAN users and 2 Servers.
DC/Mail Server is running SBS2003 with Exchange 2003 SP2. Second server runs Server 2003 Standard R2.

The current firewall set-up only allows mail from Message Labs IP addresses inbound. The DC smart hosts outbound via a Message Labs FQDN. The firewall also blocks 25 outbound by default, and only the DC/Mail Server can send via SMTP port 25. This all works well. Clients cannot telnet outbound on 25 within the LAN.

The problem is that my client is still receiving spam mail! Message Labs have a whitelist for valid e-mail addresses that are allowed to send from our network. This whitelist gets updated automatically when a user sends mail successfully outbound. It's handy when you create a new user within the LAN because all you have to do is send one test e-mail outbound and the Message Labs whitelists is updated automatically. This is a feature they cannot turn off. What is now happening is that the whitelist is constantly populated with fake e-mail addresses. This tells me that someone within the LAN is sending spam messages outbound.

I have scanned the network with "sniffing" software but there is not much going on. I have manually gone around to all client PCs and searched for anything out of the ordinary but to no avail. I also scanned our servers but cannot find anything. At this point I am stressed out a bit!

Is there a really good way of locking down our DC/Mail server so that only Active Directory users can send/receive mail? Any help with this would be much appreciated.

Thanks in Advance.
wilsonkjitAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

michaelgoldsmithCommented:
You can set Exchange to only allow specific PC's in the domain to send/receive mail. Just take a look at the settings on your Default SMTP Connector.
0
wilsonkjitAuthor Commented:
Thanks for the comment.
Rather than having PCs able to route mail via the server, is there a good way to only allow Active Directory users/groups?
0
gupnitCommented:
Hi,
You can check "Authenticated users only" and then uncheck Anonymous Users
I would also follow this: http://www.amset.info/exchange/spam-cleanup.asp
Thanks
Nitin
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
wilsonkjitAuthor Commented:
Thanks for that.
I'll enable this option via SMTP VS properties & let you know how I go.

Cheers
0
gupnitCommented:
Surething....
Cheers
Nitin
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
AntiSpam

From novice to tech pro — start learning today.