williamstechnologygroup asked:

Should I disable authentication on my SMTP virtual server?

I have recently started turning off SMTP relaying on your main Exchange server (uncheck "Allow all computers which successfully authenticate to relay, regardless of the list above"). I also read this post in the MS IMF guide:
Helping to Secure Your Gateway SMTP Virtual Servers
Dictionary attacks are brute force attacks that use common words as possible passwords to discover valid passwords for well-known accounts, such as the administrator account. Malicious users attempt dictionary attacks to gain access to computers.
To help protect your SMTP gateway servers from possible dictionary attacks, you can disable all forms of authentication on your inbound SMTP virtual servers that accept Internet mail. Because no authentication is permitted, malicious users cannot use dictionary attacks to discover passwords and authenticate to your computer to relay mail or perform other unauthorized actions.
1.      In Exchange System Manager, expand Servers, expand <your inbound Exchange server>, expand Protocols, and then expand SMTP.
2.      Right-click the inbound SMTP virtual server, and then click Properties.
3.      Click the Access tab, and then click Authentication.
4.      In Authentication, clear the Basic authentication and Integrated Windows Authentication check boxes.
Is this a good idea and when would you NOT want to do this?
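
As an added example (not part of the original question or the Microsoft guide), one way to confirm the effect of step 4 is to check whether the virtual server still advertises AUTH in its EHLO reply. The sample replies are constructed, and the mapping from the two check boxes to mechanism names, the host names and the helper names are assumptions.

```python
import re
import smtplib

# Constructed sample replies (assumed shape, not captured from a real server).
EHLO_BEFORE = """\
250-mail.example.test Hello [192.0.2.10]
250-SIZE 10485760
250-PIPELINING
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250 OK"""

EHLO_AFTER = """\
250-mail.example.test Hello [192.0.2.10]
250-SIZE 10485760
250-PIPELINING
250 OK"""

# Assumed mapping from the dialog's check boxes to SASL mechanism names.
CHECKBOX = {
    "Basic authentication": {"LOGIN", "PLAIN"},
    "Integrated Windows Authentication": {"NTLM", "GSSAPI"},
}

def advertised_auth(ehlo_reply):
    """Return the mechanisms on AUTH lines ("AUTH x y" or legacy "AUTH=x")."""
    mechs = set()
    for line in ehlo_reply.splitlines():
        m = re.match(r"^(?:250[- ])?AUTH[ =](.*)$", line.strip(), re.IGNORECASE)
        if m:
            mechs.update(m.group(1).upper().split())
    return mechs

def audit(ehlo_reply):
    """Map each check box to the mechanisms it still exposes; {} means none."""
    found = advertised_auth(ehlo_reply)
    return {box: sorted(found & names)
            for box, names in CHECKBOX.items() if found & names}

def fetch_ehlo(host, port=25):
    """Get the EHLO reply of a server you administer (status codes stripped)."""
    with smtplib.SMTP(host, port, timeout=10) as smtp:
        smtp.ehlo("audit.example.test")
        return smtp.ehlo_resp.decode("ascii", "replace")

if __name__ == "__main__":
    for label, reply in (("before", EHLO_BEFORE), ("after", EHLO_AFTER)):
        print(label, audit(reply) or "no AUTH advertised")
```

A server can be configured to advertise AUTH only after STARTTLS, so an empty result on the plaintext reply does not cover the post-TLS reply.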
SOLUTION
Andres Perales
This solution is only available to members.
williamstechnologygroup (ASKER)

The instructions I included state to disable it on INBOUND SMTP. Does this mean that outbound email will be fine? That is what I'm confused about. I know that I cannot disable authentication for outbound email. But they are talking about email coming in. Does this make a difference?
You don't authenticate email when you are sending email out, unless you are using a smart host. Even then the smart host setting is set on the SMTP Connector.

The instructions look like they were written for a multiple site environment where there is an SMTP gateway being used - although if that was the case changing the authentication settings would actually cause a problem! The change would only apply on a single server deployment, but I have to say it is not something I have ever done or seen done.

Simon.
OK... I guess I will leave it alone. I have been using Microsoft's Intelligent Messaging Filter on SBS servers for spam control and it has been quite successful. I downloaded the tech file from Microsoft that explains how to configure IMF and that is where they talk about disabling the inbound SMTP authentication. If anyone is interested I have attached the file and the reference is on pages 10 and 11. For now I guess I will leave it alone.
IMF-SP2-Operations-Guide.doc
I am awarding points for the input. I have determined not to mess with the SMTP authentication other than turning off relaying for anyone regardless of the list above. Thanks.