Solved

Securing smtp port?

Posted on 2010-11-08
7
554 Views
Last Modified: 2012-05-10
guys, a consultant did some work on our site and concluded that our smtp port was not secure. What does he mean? The port on the router is open fo port 25, so that mail can leave. How do I secure smtp?

We're using Exchange 2007.
thanks a lot
Yash
0
Comment
Question by:Yashy
7 Comments
 
LVL 20

Expert Comment

by:Lazarus
ID: 34088780
He may be meaning that all client computer on your network are able to also send mail via port 25. You would want to make sure that the only IP able to send email via SMTP is you email server. This will help with malware or Virus that might infect other machines and use client to send mail.
But you will neeed to ask him to verify what he meant.
0
 
LVL 8

Expert Comment

by:GundogTrainer
ID: 34088787
You may need to check if you are an open relay.
Yuo can control the IP addresses that are allowed to send mail through your server to ensure that any device on your network cant just send mail.
0
 
LVL 1

Author Comment

by:Yashy
ID: 34088818
Thanks for writing back. How can I check to ensure that our email server is the only one that can send via the smtp port?
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 17

Accepted Solution

by:
Viral Rathod earned 250 total points
ID: 34088904
Please check the following utility from MX toolbox.com to check which port is open

http://www.mxtoolbox.com/PortScan.aspx

Letus know the results.
0
 
LVL 1

Author Comment

by:Yashy
ID: 34089003
        21   ftp    Success       140 ms
       25      smtp      Success      140 ms
       80      http      Success      140 ms
       443      https      Success      125 ms

This was for the router IP that we use to send out emails. How does that look? The above are all open ports. Everything else was closed.
0
 
LVL 20

Assisted Solution

by:Lazarus
Lazarus earned 250 total points
ID: 34089028
It's not quite as simple as which poerts are open from just the outside. You need to also check your router configuration to make sure that only teh IP address assigned to you Mail Server is able to send via port 25, otherwise any computer in you network is able to send MAIL as well.
0
 
LVL 1

Author Comment

by:Yashy
ID: 34089050
Can this be checked by changing to another router gateway and doing a telnet command?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now