Link to home
Create AccountLog in
Avatar of lappladmin
lappladminFlag for United States of America

asked on

smtp misconfiguration?

Hello,

I just setup an exchange 2007 test mail server, I came across this website to run a smtp test on my mail server. I ran a test without providing any authentication credential which startled me. Can anyone tell me where in the configuration that i missed that will allow mail to send without authentication?

http://smtper.sweetylife.com/
Avatar of Will Szymkowski
Will Szymkowski
Flag of Canada image

You need to check your receive connector permissions group. Make sure that Anonymous is NOT selected.

Will.
Avatar of lappladmin

ASKER

If leaving this option unchecked will that impact any mail flow from the internet to me?
No it will not it will not. Although I do not know your environment you can simply re-enable it if it does. However it should not affect anything,

Will.
Second thought, it might affect internal application servers that are sending email notifications without using authentication. However from the INTERNET it do you have a smart host? If you do then it might affect that as well.

Best option is to create a new receive connector and lock it down via IP address under the networking tab and then allow anonymous permission group. It will be locked down via IP.

Do not do this on your DEFAULT receive  connector.

Will.
1. I don't have a smart host.
2. that was my default receive connector.
Well just remove the setting and see if anything happens. Preferably after hours.

Will.
Will

I ran a test last night with that option unchecked, all mails flow from the internet rejected.
ASKER CERTIFIED SOLUTION
Avatar of Will Szymkowski
Will Szymkowski
Flag of Canada image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Thanks for the help!