Exchange Server 2003 relay issue, potential security risk

Hi, we have an Exchange 2003 server.  Our Finance staff have started to email payslips from within software from MYOB.
They found they can email all staff who gave an email address which is on the domain but cannot email to any staff who provided an external email address.

On contacting support, the advice they gave was to change the settings on the Default virtual SMTP server, Relay tab, to select "All except the list below" for computers which may relay through this virtual server.

This fixes the problem but I am not comfortable leaving the setting like this as I'm not sure if this is creating an open relay.

Also 'Allow all computers which successfully authenticate to relay, regardless of the list above' is selected and always has been.
Jenny Coulthard, Information Technology Manager, Asked:

Imtiaz Hasham, Technical Director / IT Consultant, Commented:
Ok, I understand your concern and you are right, because if there is a virus, it will start sending malicious emails from your IP address.

What I would do is ask MYOB to allow authentication and authenticate the MYOB server with a separate username / password to allow for them to get a passthrough!
Jenny Coulthard, Information Technology Manager, Author Commented:
Thanks - at least I know I'm correct about the security.
With the MYOB software, there is no server; it is running on a Windows 7 client by a user who has been authenticated to the domain.
Are you able to make some suggestions for this scenario?
Jenny Coulthard, Information Technology Manager, Author Commented:
Also is this what is called an 'open relay server'?
Shreedhar Ette Commented:
Hello,

- First, run the Exchange Best Practices Analyzer tool on the server and check whether it reports the server as an open relay or not.

- For "Allow all computers which successfully authenticate to relay", please check the article below to fix the open relay issue:
http://support.microsoft.com/kb/324958
Jenny Coulthard, Information Technology Manager, Author Commented:
OK thanks.  I've changed the setting back.  I'll go through all the steps and see what I find.
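
One way to answer the open-relay question raised in this thread directly, as an added example that is not part of any post above: the Python script below makes an unauthenticated SMTP connection to a server you administer, offers a sender and a recipient on outside domains, and reports whether RCPT TO is accepted. The function names, the `.example` addresses and the HELO name are constructed placeholders; replace the addresses with ones on domains the server does not host.

```python
import smtplib
import sys

def classify_rcpt(code):
    """Map the reply to RCPT TO for an outside recipient onto a verdict."""
    if 200 <= code < 300:
        return "relays"        # server agreed to forward mail for a foreign domain
    if 500 <= code < 600:
        return "refuses"       # permanent refusal, e.g. a 550 relaying-denied reply
    return "inconclusive"      # 4xx: temporary failure or greylisting, retry later

def probe_relay(host, port=25, sender="probe@outside-a.example",
                rcpt="probe@outside-b.example", helo="relay-probe.example",
                timeout=10):
    """Attempt an unauthenticated relay and stop before DATA.

    Both addresses must belong to domains the server does not host
    (the defaults are constructed placeholders). Nothing is delivered:
    the transaction is reset straight after RCPT TO.
    Returns (verdict, smtp_code, reply_text).
    """
    with smtplib.SMTP(host, port, local_hostname=helo, timeout=timeout) as smtp:
        smtp.ehlo_or_helo_if_needed()      # greet only; AUTH is never sent
        code, text = smtp.mail(sender)
        if code != 250:
            # Sender was rejected, so the relay decision was never reached.
            return "inconclusive", code, text.decode(errors="replace")
        code, text = smtp.rcpt(rcpt)
        smtp.rset()                        # abandon the transaction
        return classify_rcpt(code), code, text.decode(errors="replace")

if __name__ == "__main__":
    if len(sys.argv) < 2:
        print("usage: relay_probe.py <your-own-mail-server> [port]")
    else:
        port = int(sys.argv[2]) if len(sys.argv) > 2 else 25
        verdict, code, text = probe_relay(sys.argv[1], port)
        print(f"{sys.argv[1]}:{port} -> {verdict} ({code} {text})")
```

The verdict only describes the address the probe connects from, because the Relay tab grants permission per computer, so run it against your own server from a machine outside your network and outside any granted list.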