Stop Spam From the Inside by Locking Down SMTP

Hi All

       how do i Stop Spam From the Inside by Locking Down SMTP, some people from outside using smtp auth mail relay on my exchange server, how do i restrict mail relay by using smtp auth ? can i block it by specific public ip addresses ? for example if someone using amtp auth with public ip from outside network, can my exchange block the remote ip using smtp auth other than the internal subnet from exchange server ?

Keith
piaakitAsked:
Who is Participating?
 
Simon Butler (Sembee)ConsultantCommented:
Authenticated relaying is not enabled by default on port 25.
If you don't need it, then disable it. Disable the option Exchange Users on the Default Receive Connector.

The account being abused should show in the security log of the Exchange server. However the most common account to be attacked is the Administrator account.

You need to be very careful with restrictions by IP address, because the default Receive Connector is how you receive email from the internet. Therefore unless you are using an external spam filtering source, you cannot lock down the use of that connector. The most you can do is restrict the internal users from using it by adjusting the parameters on the Default Receive Connector within the Allow Connections from section.

Simon.
0
 
Simon Butler (Sembee)ConsultantCommented:
Version of Exchange would help here.
Depending on the version of Exchange depends on what you need to do.

Exchange 2003 is very different to Exchange 2007/2010.

You should also identify which account is being abused to send the spam as well. You can do that from the event viewer.

Simon.
0
 
piaakitAuthor Commented:
From event viewer can see which account abused to send spam ?
0
 
Simon Butler (Sembee)ConsultantCommented:
You need to state which version of Exchange it is first.

There are currently six versions of Exchange in active use (some more than others) and they all work in different ways.

Simon.
0
 
piaakitAuthor Commented:
currently using exchange 2010 sp3 with latest rollup 9
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.