sirichaiphumirat

asked on

Exchange 2010 open relays

How would I close open relays? Would I need to? Will it affect anything if I do?

I recently ran some security tests and they show we have an open relay on our Exchange box. How would I turn open relay off? If I do, will it affect anything internally, as we use email relays for some of our servers that send out alerts?

Will this affect anything from the outside coming in?
Simon Butler (Sembee)

You need to close an open relay.
If you need to allow servers to relay through your Exchange server, then configure a specific connector that allows just those servers to relay.

A correctly configured receive connector will not affect inbound email.

The most common method for creating an open relay is for the Default Receive Connector to have Externally Secured enabled.
The second most common method is to have a connector configured to allow relaying from the entire subnet, but traffic from the gateway device appears to Exchange to come from an internal source.

There is no single answer to the question on how to close the open relay. You need to go through the server configuration carefully, locking down everything but the Default Receive Connector to specific IP addresses. The default receive connector should be open to everyone (unless you use an external filtering source) with anonymous enabled. Externally Secured should NOT be enabled.

Simon.
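
The connector review described in the answer above, as an added example (not part of the original answer and not Simon's own script): a read-only Exchange Management Shell audit that lists each receive connector's scope and flags the two causes of an open relay the answer names. Treating any remote range wider than a single host as "too broad" is an assumption of this example.

```powershell
# Added example. Run in the Exchange Management Shell on the Exchange 2010 server.
# Read-only: it reports on receive connectors and changes no settings.
$report = foreach ($c in Get-ReceiveConnector) {
    # String forms also work when the shell returns deserialized (remoting) objects.
    $auth   = "$($c.AuthMechanism)"
    $groups = "$($c.PermissionGroups)"
    $ranges = @($c.RemoteIPRanges | ForEach-Object { "$_" })

    # Assumption: anything written as "a-b" or "x/y" covers more than one host.
    $wide = @($ranges | Where-Object { $_ -match '[-/]' })

    # "Externally Secured" in the console is AuthMechanism ExternalAuthoritative.
    $extSecured = $auth -match 'ExternalAuthoritative'

    # Relay for unauthenticated senders is granted by this extended right.
    $anonRelay = @($c | Get-ADPermission | Where-Object {
        $_.User -like 'NT AUTHORITY\ANONYMOUS LOGON' -and
        $_.ExtendedRights -like 'ms-Exch-SMTP-Accept-Any-Recipient' -and
        -not $_.Deny
    }).Count -gt 0

    $findings = @()
    if ($extSecured -and $wide.Count -gt 0) {
        $findings += 'Externally Secured on a connector that accepts a range or subnet'
    }
    if ($anonRelay -and $wide.Count -gt 0) {
        $findings += 'Anonymous relay right on a connector that accepts a range or subnet'
    }
    if ($findings.Count -eq 0) { $findings += 'none' }

    # New-Object is used because Exchange 2010 ships with PowerShell 2.0.
    New-Object PSObject -Property @{
        Connector         = $c.Identity
        Enabled           = $c.Enabled
        Bindings          = ($c.Bindings | ForEach-Object { "$_" }) -join ', '
        RemoteIPRanges    = $ranges -join ', '
        AuthMechanism     = $auth
        PermissionGroups  = $groups
        ExternallySecured = $extSecured
        AnonymousRelay    = $anonRelay
        Findings          = $findings -join '; '
    }
}

$report |
    Select-Object Connector, Enabled, Bindings, RemoteIPRanges, AuthMechanism,
                  PermissionGroups, ExternallySecured, AnonymousRelay, Findings |
    Format-List
```

A relay connector scoped to individual server addresses shows no finding; check any flagged range against the address the gateway device presents to Exchange.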
sirichaiphumirat

ASKER

Our default connector doesn't have Externally Secured enabled.

But we have an internal relay that has Externally Secured enabled. Is that OK, or should that be disabled?

An example of one of our internal relays is 10.0.0.1

Under Authentication:
Transport Layer Security (TLS) is checked.

Externally Secured is checked. All others are unchecked.

Permission groups:
Everything is checked but anonymous.

I also tried testing by sending email using the telnet mail.local.com 25 command and wasn't able to.

But when I test on mxtoolbox, one of the errors says that your server may be able to relay, which is weird.

Thanks for the help.
ASKER CERTIFIED SOLUTION
Simon Butler (Sembee)
Thank you