Link to home
Create AccountLog in
Avatar of pabby0612
pabby0612

asked on

Exchange 2003 Authentication Advice

HI, Looking for advice here as I am in uncharted waters, for me , anyway... Been doing these pci compliance scans and up till recently we have been ok - then they add something new that they say is a problem, we fail the test, we fix the problem and then we pass - -the cycle goes on like this and just this week we got a Clear Text password issue on port 25.... So after trawling I found a sembee response to exactly this question and as advised , turned off all authentication except anonymous - and the scan passed the test.

I am happy that it passed the test but am unsure of exactly what was done - because it was through the night,  -i.e. if this had been done through the day time, would it have disabled email to the users, what would not have worked - we have web shops that use the mail server to relay email receipts to anyone purchasing goods -I am assuming that these would have failed?

While the switching off of authentication passed the test, for which I am grateful - is there a longer term permanent solution to this issue (and no doubt the scanning company will hit me with others in a couple of months)

Also , has anyone managed to get away from these scanning companies - we tried but they told us we were non compliant when we let the contact lapse - and then got charged by the bank.... all advice welcome - thanks
ASKER CERTIFIED SOLUTION
Avatar of Miguel Angel Perez Muñoz
Miguel Angel Perez Muñoz
Flag of Spain image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account