?
Solved

Securing smtp port?

Posted on 2010-11-08
7
Medium Priority
?
564 Views
Last Modified: 2012-05-10
guys, a consultant did some work on our site and concluded that our smtp port was not secure. What does he mean? The port on the router is open fo port 25, so that mail can leave. How do I secure smtp?

We're using Exchange 2007.
thanks a lot
Yash
0
Comment
Question by:Yashy
7 Comments
 
LVL 20

Expert Comment

by:Lazarus
ID: 34088780
He may be meaning that all client computer on your network are able to also send mail via port 25. You would want to make sure that the only IP able to send email via SMTP is you email server. This will help with malware or Virus that might infect other machines and use client to send mail.
But you will neeed to ask him to verify what he meant.
0
 
LVL 8

Expert Comment

by:GundogTrainer
ID: 34088787
You may need to check if you are an open relay.
Yuo can control the IP addresses that are allowed to send mail through your server to ensure that any device on your network cant just send mail.
0
 
LVL 1

Author Comment

by:Yashy
ID: 34088818
Thanks for writing back. How can I check to ensure that our email server is the only one that can send via the smtp port?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 17

Accepted Solution

by:
Viral Rathod earned 1000 total points
ID: 34088904
Please check the following utility from MX toolbox.com to check which port is open

http://www.mxtoolbox.com/PortScan.aspx

Letus know the results.
0
 
LVL 1

Author Comment

by:Yashy
ID: 34089003
        21   ftp    Success       140 ms
       25      smtp      Success      140 ms
       80      http      Success      140 ms
       443      https      Success      125 ms

This was for the router IP that we use to send out emails. How does that look? The above are all open ports. Everything else was closed.
0
 
LVL 20

Assisted Solution

by:Lazarus
Lazarus earned 1000 total points
ID: 34089028
It's not quite as simple as which poerts are open from just the outside. You need to also check your router configuration to make sure that only teh IP address assigned to you Mail Server is able to send via port 25, otherwise any computer in you network is able to send MAIL as well.
0
 
LVL 1

Author Comment

by:Yashy
ID: 34089050
Can this be checked by changing to another router gateway and doing a telnet command?
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes Top 9 Exchange troubleshooting utilities that every Exchange Administrator should know. Most of the utilities are available free of cost. List of tools that I am going to explain in this article are:   Microsoft Remote Con…
I’m willing to make a bet that your organization stores sensitive data in your Windows File Servers; files and folders that you really don’t want making it into the wrong hands.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question