Solved

Exchange 2003 Authentication Advice

Posted on 2013-05-15
1
147 Views
Last Modified: 2013-06-30
HI, Looking for advice here as I am in uncharted waters, for me , anyway... Been doing these pci compliance scans and up till recently we have been ok - then they add something new that they say is a problem, we fail the test, we fix the problem and then we pass - -the cycle goes on like this and just this week we got a Clear Text password issue on port 25.... So after trawling I found a sembee response to exactly this question and as advised , turned off all authentication except anonymous - and the scan passed the test.

I am happy that it passed the test but am unsure of exactly what was done - because it was through the night,  -i.e. if this had been done through the day time, would it have disabled email to the users, what would not have worked - we have web shops that use the mail server to relay email receipts to anyone purchasing goods -I am assuming that these would have failed?

While the switching off of authentication passed the test, for which I am grateful - is there a longer term permanent solution to this issue (and no doubt the scanning company will hit me with others in a couple of months)

Also , has anyone managed to get away from these scanning companies - we tried but they told us we were non compliant when we let the contact lapse - and then got charged by the bank.... all advice welcome - thanks
0
Comment
Question by:pabby0612
1 Comment
 
LVL 19

Accepted Solution

by:
Miguel Angel Perez Muñoz earned 500 total points
ID: 39170695
I will to try tell you how this works, I´m not native english but let´s go:

Exchange uses 25 TCP port (SMTP) by default to get emails from other mail servers. Since you let get mails anonymously, you are letting this remote servers place emails on your servers. Thats is ok, and there is normal Exchange operation.
But maybe you require your remote users send emails to other emails servers, (relay) anonymously you must to block, because your Exchange server not let send mails to other servers without authentication. If you permit your server act as open relay, spammers will use your server and your server will be marked as spam sender, and this is not good deal.
How to prevent this?, let your authenticated users to relay. How? I recommend you create another SMTP server and configure authentication (whatever secured) and uses other port different of 25 (p. ex 2225).
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Microsoft has released various new features which are capable of handling various tasks. One of these tasks is ‘Migration from pop3 to Exchange Server’. Pop3 data stores various data along mailboxes like contacts, tasks, etc. So, it becomes the need…
Nearly six years ago I was hired by a company to be their senior server engineer. One of my first projects was to implement Exchange Server 2007 on a Windows Server 2008 Single Copy Cluster for high availability. That was the easy part; read on to l…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now