<div>
Hello Simon, thanks for your input esp. on the 'hardening' part. Since I read some best practices at MS I have our Exchange servers already doing Exchange/IIS only. I can sleep better now!
</div>


Hello Simon, thanks for your input esp. on the 'hardening' part. Since I read some best practices at MS I have our Exchange servers already doing Exchange/IIS only. I can sleep better now!

<div>
<div class="content wysiwyg-content">
Hello Experts,<br />
<br />
I am quite new to MS Exchange and did deploy a Exchange 2013 recently which I am migrating right now to production.<br />
<br />
When examining the receive connectors it occurred to me basic ath was enabled on Port 25 by default along with Windows Auth and Exchange server authentication.<br />
<br />
On any other email system I would switch it off for security reasons, there is Submisson, 587/tcp for clients.<br />
<br />
Is there any reason to keep basic auth switched on on port 25 smtp or can I safely turn this off?<br />
<br />
Are there any other basic best practices to harden Exchange? (I know, this is a very wide area question but I ask it anyway :)<br />
<br />
Thanks!
</div>
</div>


Hello Experts,

I am quite new to MS Exchange and did deploy a Exchange 2013 recently which I am migrating right now to production.

When examining the receive connectors it occurred to me basic ath was enabled on Port 25 by default along with Windows Auth and Exchange server authentication.

On any other email system I would switch it off for security reasons, there is Submisson, 587/tcp for clients.

Is there any reason to keep basic auth switched on on port 25 smtp or can I safely turn this off?

Are there any other basic best practices to harden Exchange? (I know, this is a very wide area question but I ask it anyway :)

Thanks!

Exchange: Basic auth on port 25 - any reason for that?

Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.

Exchange

Within Internet message handling services (MHS), a message transfer agent or mail transfer agent (MTA) or mail relay is software that transfers electronic mail messages from one computer to another using a client–server application architecture. A MTA implements both the client (sending) and server (receiving) portions of the Simple Mail Transfer Protocol (SMTP). The terms mail server, mail exchanger, and MX host may also refer to a computer performing the MTA function. The Domain Name System (DNS) associates a mail server to a domain with mail exchanger (MX) resource records containing the domain name of a host providing MTA services.