Link to home
Start Free TrialLog in
Avatar of gsswho6
gsswho6Flag for United States of America

asked on

Exchange 2003 Relay Restrictions

Hello All,

Simple question... Ran into some issues getting flagged as SPAM and went thru all the steps to make sure OPEN relay was not on...  Only The list below for Ip is chosen and all i have is a couple servers i need... Also I unchecked Allow all computers etc.... However I notice that on the USERS tab in that section It has Submit and Relay allow to All Authenticated Users.... Can this be the problem? I expect this means that if someone internally gets infected with a domain account they can then relay as well? can I remove this completely and have the users emtpy or will this cause problems?  I notice sometimes when i look at the IMAP4 and SMTP current sessions i see a couple random connections that have nothing to do with us... Thanks for the help.
Avatar of Donald Holly
Donald Holly
Flag of United States of America image

If you remove authenticated users, it will not allow users to relay to external domains.

I hope this helps,

Avatar of DLeaver
That setting is normal.

How is your network locked down?  More specifically, is port 25 outbound on your network locked down so only your Exchange server can send out or can any client send out on this port?
Avatar of gsswho6


Yes 25 outbound is only allowed for exchange. I notice its always the same damn CASA blacklists in china that we get added to that give us problems... Sometimes I even think they are doing it on purpose lol, but probably not... Anything specific I should be looking for? Is it most likely an infected user internally maybe?
Well if it was an infected user they would only be able send email via the Exchange server, so you would likely see an impact on the mail queues as typically they produce mail on mass.

You need to upgrade from Exchange 2003, it is long out of support and is susceptible to attacks.

Scan your Exchange server for viruses in case it is infected.

Ideally you will be sending email via an SMTP server or via your hosted AS provider (if you have one), and your Exchange server will be locked down to those IP's for sending and receiving.
Avatar of randomsense

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of gsswho6


Thanks these tools helped.