Home > IT Answers > Exchange > Secure Exchange Server
Help

Question

  Asked: Oct 31 2007   11:51 AM GMT
  Asked by: IT ANALYST

Secure Exchange Server


Email security, SMTP, Exchange 2003

Hello All , How are you?
I have setup my exchange server, it is able to send and receive mails, but the main problem is my mail server security, while testing i found that anyone can send mails without authentication using SMTP command prompt. Like , This


Resolving hostname...
Connecting...
SMTP -> FROM SERVER:
220 mail.bdaconnect.in Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Wed, 31 Oct 2007 17:25:08 +0530
SMTP -> FROM SERVER:
250-mail.bdaconnect.in Hello [64.92.171.178]
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
MAIL FROM: johnsmith@yahoo.com
SMTP -> FROM SERVER:
250 2.1.0 johnsmith@yahoo.com....Sender OK
RCPT TO: aman.dhally@bdaconnect.in
SMTP -> FROM SERVER:
250 2.1.5 aman.dhally@bdaconnect.in
Sending Mail Message Body...
SMTP -> FROM SERVER:
354 Start mail input; end with .
SMTP -> FROM SERVER:
250 2.6.0 Queued mail for

The John Smith is a fake id,
I don't know what is going on , please help me. I am Using Exchange Server 2003

Thanks

Subscribe to Alerts! Get questions and answers delivered to your Inbox.


E-mail me updates on this question



   SUBSCRIBE

hidden modal window
Help

Answer Wiki (Improve, edit or add to this answer)

IMPROVE THIS ANSWER
View History
 RATE THIS ANSWER
0
Click to Vote:
  •   0
  •  0
Last Answered: Nov 1 2007  8:53 AM GMT  by B00M3R




Make sure you have service pack 2 installed and then check the following:
There are two parts of the Exchange that can make your Exchange server an open relay, the Default SMTP Virtual Server and SMTP connectors. You need to check both to ensure that you haven't configured them wrongly and turned your machine in to a spammers target.

Default SMTP Virtual Server

To check or correct the configuration of the Default SMTP Virtual Server:

Start Exchange System manager (ESM)
Expand Servers, <your server>, Protocols, SMTP.
Right click on "Default SMTP Virtual Server" and choose Properties.
Click on the "Access" Tab.
There are four buttons, click on "Relay..." at the bottom.
Ensure that "Only the list below" is enabled and the list is empty.
If you don't have users sending email through your email server with Outlook Express or another POP3 client then you can disable "Allow all users that successfully authenticate to relay regardless of the list above".
Apply/OK until all windows are closed.
SMTP Connections

Start ESM, then open Connectors.
Right click on each SMTP Connector in turn and choose Properties.
Click on the "Address Space" tab.
If you have a "*" in the address list, check that "Allow messages to be routed to these domains" is not enabled.
Apply/OK until all windows are closed.
Once you have made the changes, repeat the telnet test above to ensure that you have closed everything.
  • AddThis Social Bookmark Button

Browse more Questions and Answers on Exchange.

Looking for relevant Exchange Whitepapers? Visit the SearchExchange.com Research Library.


RSS - Discussions Help

Discuss This Answer


You must be logged-in to discuss a question. Log-in/Register

IT ANALYST  |   Nov 5 2007  10:16AM GMT

Hello Sir,
Thanks fro ur reply and soory 4 reply u late, i have check my virtual SMTP connector setting , everything is ok as per you, But i didn’t have any smtp connector( this is good or bad? )

Thanks

Aman