CaringIT
asked on
Securing SMTP on Exchange 2007
Our Exchange server is sitting on our network and has SMTP open on the firewall - but it is allowing anonymous sending of emails. We have stopped relaying via SMTP, but need to know how to stop this issue.
Can anyone help?
Can anyone help?
ASKER
If we remove the Anonymous option from the list of permissions to send, what impact would this have?
We have one connector for general use which has it on and one for a system internally specifying internal addresses that has it on.
We have one connector for general use which has it on and one for a system internally specifying internal addresses that has it on.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi,
leave default one without anonymous and create one more for appliction with anonymous permission for only remote Ip address of applictation server in network tap on new receive connector for application.
Thanks
Ahmed
leave default one without anonymous and create one more for appliction with anonymous permission for only remote Ip address of applictation server in network tap on new receive connector for application.
Thanks
Ahmed
By default, the Receive connector that ships with Exchange 2007 does now allow 'Anonymous submission' connections and it certainly will not allow 'anonymous relaying' unless you have changed the authentication type to 'Externally secured', which you wouldn't do on a receive connector that is available from the outside world.
Anonymous permission needs to be selected if you want to allow external users to send mail to the receiver connector, and unless you have selected 'Externally secured', they will only be able to send mail to domains on your Accepted Domains list.
Shaun
Anonymous permission needs to be selected if you want to allow external users to send mail to the receiver connector, and unless you have selected 'Externally secured', they will only be able to send mail to domains on your Accepted Domains list.
Shaun
http://msexchangeteam.com/archive/2006/12/28/432013.aspx
Let us know if you are still having problems