• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 566
  • Last Modified:

Securing smtp port?

guys, a consultant did some work on our site and concluded that our smtp port was not secure. What does he mean? The port on the router is open fo port 25, so that mail can leave. How do I secure smtp?

We're using Exchange 2007.
thanks a lot
Yash
0
Yashy
Asked:
Yashy
2 Solutions
 
LazarusCommented:
He may be meaning that all client computer on your network are able to also send mail via port 25. You would want to make sure that the only IP able to send email via SMTP is you email server. This will help with malware or Virus that might infect other machines and use client to send mail.
But you will neeed to ask him to verify what he meant.
0
 
GundogTrainerCommented:
You may need to check if you are an open relay.
Yuo can control the IP addresses that are allowed to send mail through your server to ensure that any device on your network cant just send mail.
0
 
YashyAuthor Commented:
Thanks for writing back. How can I check to ensure that our email server is the only one that can send via the smtp port?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Viral RathodConsultantCommented:
Please check the following utility from MX toolbox.com to check which port is open

http://www.mxtoolbox.com/PortScan.aspx

Letus know the results.
0
 
YashyAuthor Commented:
        21   ftp    Success       140 ms
       25      smtp      Success      140 ms
       80      http      Success      140 ms
       443      https      Success      125 ms

This was for the router IP that we use to send out emails. How does that look? The above are all open ports. Everything else was closed.
0
 
LazarusCommented:
It's not quite as simple as which poerts are open from just the outside. You need to also check your router configuration to make sure that only teh IP address assigned to you Mail Server is able to send via port 25, otherwise any computer in you network is able to send MAIL as well.
0
 
YashyAuthor Commented:
Can this be checked by changing to another router gateway and doing a telnet command?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now