I'm trying to lock down relaying on our exchange 2000 server. I thought I had it done but found out this morning that some sites were still able to relay through. The event logs show that they were authenticating using SSPI. I have been unable to determine how to "close that hole".
The software we use (and resell) uses the POP and SMTP functionality of exchange so we have to be able to relay through exchange.
I've termporarily restricted relaying to only IP addresses inside our LAN but I'd like to be able to allow "authenticated users" to relay through the server from outside our LAN (eg when they are at a client site and have internet access from their laptops).
Any hints would be very much appreciated.
The software we use (and resell) uses the POP and SMTP functionality of exchange so we have to be able to relay through exchange.
I've termporarily restricted relaying to only IP addresses inside our LAN but I'd like to be able to allow "authenticated users" to relay through the server from outside our LAN (eg when they are at a client site and have internet access from their laptops).
Any hints would be very much appreciated.
