Secure Exchange Server

10 pts.
Email security
Microsoft Exchange 2003
Hello All , How are you? I have setup my exchange server, it is able to send and receive mails, but the main problem is my mail server security, while testing i found that anyone can send mails without authentication using SMTP command prompt. Like , This Resolving hostname... Connecting... SMTP -> FROM SERVER: 220 Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Wed, 31 Oct 2007 17:25:08 +0530 SMTP -> FROM SERVER: Hello [] 250-TURN 250-SIZE 250-ETRN 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-8bitmime 250-BINARYMIME 250-CHUNKING 250-VRFY 250-X-EXPS GSSAPI NTLM LOGIN 250-X-EXPS=LOGIN 250-AUTH GSSAPI NTLM LOGIN 250-AUTH=LOGIN 250-X-LINK2STATE 250-XEXCH50 250 OK MAIL FROM: SMTP -> FROM SERVER: 250 2.1.0 OK RCPT TO: SMTP -> FROM SERVER: 250 2.1.5 Sending Mail Message Body... SMTP -> FROM SERVER: 354 Start mail input; end with . SMTP -> FROM SERVER: 250 2.6.0 Queued mail for The John Smith is a fake id, I don't know what is going on , please help me. I am Using Exchange Server 2003 Thanks

Answer Wiki

Thanks. We'll let you know when a new response is added.

Make sure you have service pack 2 installed and then check the following:
There are two parts of the Exchange that can make your Exchange server an open relay, the Default SMTP Virtual Server and SMTP connectors. You need to check both to ensure that you haven’t configured them wrongly and turned your machine in to a spammers target.

Default SMTP Virtual Server

To check or correct the configuration of the Default SMTP Virtual Server:

Start Exchange System manager (ESM)
Expand Servers, <your server>, Protocols, SMTP.
Right click on “Default SMTP Virtual Server” and choose Properties.
Click on the “Access” Tab.
There are four buttons, click on “Relay…” at the bottom.
Ensure that “Only the list below” is enabled and the list is empty.
If you don’t have users sending email through your email server with Outlook Express or another POP3 client then you can disable “Allow all users that successfully authenticate to relay regardless of the list above”.
Apply/OK until all windows are closed.
SMTP Connections

Start ESM, then open Connectors.
Right click on each SMTP Connector in turn and choose Properties.
Click on the “Address Space” tab.
If you have a “*” in the address list, check that “Allow messages to be routed to these domains” is not enabled.
Apply/OK until all windows are closed.
Once you have made the changes, repeat the telnet test above to ensure that you have closed everything.

Discuss This Question: 1  Reply

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
    Hello Sir, Thanks fro ur reply and soory 4 reply u late, i have check my virtual SMTP connector setting , everything is ok as per you, But i didn't have any smtp connector( this is good or bad? ) Thanks Aman
    10 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: