Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange 2010 anonymous send capability

Posted on 2012-04-11
7
Medium Priority
?
572 Views
Last Modified: 2012-06-21
Hello, I've noticed some odd behavior with my Exchange 2010 box. I was configuring email notifications for my antivirus and virtual machine backup servers and I noticed that my mail server no longer requires authentication to send those alert messages. Essentially all I have to do now is specifiy the Exchange ip address and the recipient email addresses and they'll go through the mail server without prompting for a valid username and password. I'd really like to change this behavior, but I'm not sure where to start. I believe I have all the correct authentication requirments, but I'm not 100% sure. Any help would be greatly appreciated! Thank you!
0
Comment
Question by:jmchristy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 7

Expert Comment

by:BelushiLomax
ID: 37832121
Did you create a service account for those (AV and BU) or are you logging on as Administrator and configuring them? You can check your "Manage Send As Permissions" attribute on the mailbox to see if anything jumps out there. If you are logged on as the user sending the email or that user has an AD acct and an Exchange box with service acct credentials running on the app you are setting up, you shouldnt see the authentication.
0
 

Author Comment

by:jmchristy
ID: 37832140
For the AV I am logged on as the service account which does have the exchange credentials, however, the BU VM device isn't even on the domain. That's the part that confused me. It's a linux based device, not authenticated to the domain. The AV software's authentication is SQL based, so that isn't actually using AD credentials either.
0
 
LVL 2

Expert Comment

by:Xinjitzu
ID: 37832168
jm that only sounds like a problem if your actually relaying mail through the server anonymously. If the alerts are coming from another self-contained system,(like postie for example) to an internal exchange email address, thats fine.

Take a look at your Receive Connecters under Server Configuration > Hub Transport

go to properties > Permission groups of your "Client <servername>" connecter (Assuming you have a default installation and naming scheme here)

Make sure anonymous is NOT checked here. Typically you'd only have "Exchange Users" enabled on this connector

Anonymous should only be checked on your default connector (So you can receive external mail) and on another connector designated for relaying, that only allows specific clients inside your network
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 

Author Comment

by:jmchristy
ID: 37832185
I do have the default install and Anonymous is checked on one of my recieve connectors (Default). I have two defaults: Client and Default. Default has Anonymous, Exchange Users, Exchange Servers, and Legacy Exchange Servers checked. on Client I only have Exchange Users checked. So, it appears that both are configured correctly. Neither alert system is self contained that I know of. Is there a way to check if my server is relaying mail anonymously since I'm not 100% sure that my two alert systems are self-contained?
0
 

Author Comment

by:jmchristy
ID: 37832292
I just went through mxtoolbox and checkor against my MX record and both said that Open Relay was not allowed. Should I assume that I would have no issues internally?
0
 
LVL 2

Accepted Solution

by:
Xinjitzu earned 2000 total points
ID: 37832611
if MXtoolbox says your good your definitely ok from the outside. To verify the inside is secure open a telnet session from one of your LAN computers

telnet <mailservername> 25
helo <internaldomainname>
mail from:<you@yourdomain.com>
rcpt to: <someone@externaldomain.com>


You should get 550 5.7.1 Unable to relay

If you do your all set
0
 

Author Comment

by:jmchristy
ID: 37832647
That's what I got! It looks like I'm all set on both ends. Thank you for your continued help!
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question