Relay Problems

[NikeE]

Hello everyone!

I hope you can help me with this one. I have an Exchange 2000 server running and i get alot of spam in the virtual server queue. I have set Relay to Only the list below (wich is empty) and allow authenticated users to relay. My Access tab on the virtual server is set to Anonymous, Basic and integrated, can some one please tell me what the access tab does cause it seems like if i turn off anonymous access other people cant send mail to us.

Regards Nike

 

[sxwk12]

I had the same problem. I just finally after about 3 weeks closed my open relay. You will have to create a second virtual server. One for outgoing, one for incoming. I have incoming on one port and outgoing on another port. Works like a champ. I have also gotten off of all the blacklists that I was on.

Sidney

 

[NikeE]

How do you check if you are blacklisted?

 

[gosemer]

one place to check is

http://www.ordb.org/

you can find a lot of info about relaying and hoy to stop it.

 

[EvilKlown]

Exchange blocks computers from relaying unwanted e-mail through an SMTP virtual server. By default, all users and computers are blocked from relaying, except those that are able to authenticate....guess, what, EVERYONE can authenticate because SMTP NEEDS ANONYMOUS ACCESS. Everyone can authenticate because by default, ANONYMOUS is allowed for SMTP connection, if you disable this, you won't receive any email because no one will be able to authenticate to your SMTP server to send your domain email. :O

You have to leave Anonymous access on otherwise if you password protect the SMTP connection, then you have to give everyone that wants to send your domain email the password to authenticate to your SMTP server. : )

Obviously, you can't do this. Next, by default, your server:

Exchange = Protocols = SMTP = Default SMTP Server = Relay Properties say : Select which computer may relay through this virtual server: "Only the list below" is default, and by default no one is present, means that no one can relay, right? WRONG. Right below there's a little checkbox that says "Allow all computers which successfully athenticate to RELAY, REGARDLESS OF THE LIST ABOVE!! This single little checkbox effectively bypasses the dissallowed computers/users because this is checked!

Your best bet is a good firewall configuration and an SMTP server that will relay to your domain only.

Good luck on your Exchange setup, if you're on the West Coast or nearby I can recommend some orgz that specialize in security and Exchange. Furthermore, you can have forensics come in and see who's bouncing email off your servers internally.

Evil Clown.

 

[Davetoo]

I have my Exchange 2K server setup exactly as Microsoft says (i.e. allows relaying for computers that authenticate under the Relay Restrictions), and my anonymous access is enabled (so that I can receive e-mail from outside the domain, obviously). I have only one virtual server.

I setup a test system outside my network and attempted to send an e-mail to my Hotmail account...guess what? Wouldn't go through. I could send an e-mail to my account that I have on the Exchange server...but then again, it's set to receive mail, so yeah, that's a good thing! ;-)

Therefore, best I can determine, the "anonymous access" and "Relay for authenticated computers" are apples and oranges, and one isn't related to the other.

 

[Davetoo]

Found this to support my findings:

http://www.msexchange.org/tutorials/MF005.html