?
Solved

Securing smtp port?

Posted on 2010-11-08
7
Medium Priority
?
561 Views
Last Modified: 2012-05-10
guys, a consultant did some work on our site and concluded that our smtp port was not secure. What does he mean? The port on the router is open fo port 25, so that mail can leave. How do I secure smtp?

We're using Exchange 2007.
thanks a lot
Yash
0
Comment
Question by:Yashy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 20

Expert Comment

by:Lazarus
ID: 34088780
He may be meaning that all client computer on your network are able to also send mail via port 25. You would want to make sure that the only IP able to send email via SMTP is you email server. This will help with malware or Virus that might infect other machines and use client to send mail.
But you will neeed to ask him to verify what he meant.
0
 
LVL 8

Expert Comment

by:GundogTrainer
ID: 34088787
You may need to check if you are an open relay.
Yuo can control the IP addresses that are allowed to send mail through your server to ensure that any device on your network cant just send mail.
0
 
LVL 1

Author Comment

by:Yashy
ID: 34088818
Thanks for writing back. How can I check to ensure that our email server is the only one that can send via the smtp port?
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 17

Accepted Solution

by:
Viral Rathod earned 1000 total points
ID: 34088904
Please check the following utility from MX toolbox.com to check which port is open

http://www.mxtoolbox.com/PortScan.aspx

Letus know the results.
0
 
LVL 1

Author Comment

by:Yashy
ID: 34089003
        21   ftp    Success       140 ms
       25      smtp      Success      140 ms
       80      http      Success      140 ms
       443      https      Success      125 ms

This was for the router IP that we use to send out emails. How does that look? The above are all open ports. Everything else was closed.
0
 
LVL 20

Assisted Solution

by:Lazarus
Lazarus earned 1000 total points
ID: 34089028
It's not quite as simple as which poerts are open from just the outside. You need to also check your router configuration to make sure that only teh IP address assigned to you Mail Server is able to send via port 25, otherwise any computer in you network is able to send MAIL as well.
0
 
LVL 1

Author Comment

by:Yashy
ID: 34089050
Can this be checked by changing to another router gateway and doing a telnet command?
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month15 days, 3 hours left to enroll

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question