
SMTP Anonymous Access


firepwr

IS-IT--Management
May 22, 2006
31
US
Can someone help me understand what the "Anonymous Access" setting is for the default SMTP Virtual Server?


I think it's the obvious (i.e. it corresponds to the "My Server Requires Authentication" box in Outlook Express), however, whenever I check that a lot of (valid) email doesn't seem to get through....

The problem is that I think my mail server is being compromised without that. I'm getting spam (and seeing it in the logs) that I'm not sending but is looking like it is originating from my server. I have verified that I'm not an Open Relay (Abuse Net Relay Test) but I'm not sure what else to do.

Any suggestions?

Paul.
 
SMTP is anonymous by nature (and design). It's what allows SMTP servers to talk to each other. Otherwise, you'd have to set up authentication for any SMTP server that wants to send email to you.

You might just be a relay target.

Pat Richard, MCSE MCSA:Messaging CNA
Want to know how email works? Read for yourself -
 
If your domain is being spoofed by a spam merchant, replies to undeliverables will come to you. I wouldn't worry too much, it happens to every domain; unless of course you're getting an awful lot of them?


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 
Yes that's exactly what's happening and was my first "heads up" that something was happening. Further investigation showed emails that I received in my inbox had my server's IP as the origination address. I then could go in the mail logs and see the email there....

I think what's happened is they have figured out a valid email address for my domain and they're using that to send---that's why I was originally looking at the "anonymous" setting (which seemed like it would fix the problem). The only problem is that lots of legit email wouldn't be delivered either.... :(

I'm pretty positive I'm not an open relay (that Abuse Net test is pretty comprehensive I think).

You're saying that everyone has this problem?! There's no way to fix it?
 
Well, I'd wager that most domains have, in varying severity. I recall someone spoofing our domain name for a couple of weeks about a year ago. Since our mailserver wasn't sending them out there was nothing we could really do about it.

If they aren't being spoofed and they are coming from your mailserver, if you aren't an open relay then you have software on the server sending it out. This is however unlikely and can easily be checked for with some scans by your favourite AV/Spyware flavours.


To be honest, I imagine it's just the aforementioned spoofing.


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 
It's not likely spoofing if the offending messages have firepwr's IP address as the originating point unless those are just the NDRs attempting to go out.

I'd configure sender, recipient, connection, and intelligent message filters, and tarpitting on the server.

Pat Richard, MCSE MCSA:Messaging CNA
Want to know how email works? Read for yourself -
 
You're right, it's not, but if he's not running an open relay then the messages would have to be coming from an internal source.


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
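
Added example, not part of any post in this thread: one way to triage an SMTP log along the lines discussed above, separating normal anonymous inbound delivery, mail submitted by internal hosts, and relay attempts from outside. The trimmed W3C-style `#Fields` layout, `LOCAL_DOMAINS`, `TRUSTED_NETS` and all log lines are assumptions constructed for illustration; adjust them to the fields your server actually logs.

```python
import ipaddress
from collections import Counter

LOCAL_DOMAINS = {"example.com"}                        # assumption: domains hosted here
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # assumption: internal clients

# Constructed sample log; the field layout is an assumed, trimmed W3C-style format.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-query sc-status
2006-05-22 10:00:01 192.0.2.15 MAIL +FROM:<paul@example.com> 250
2006-05-22 10:00:01 192.0.2.15 RCPT +TO:<a@other.test> 250
2006-05-22 10:00:05 203.0.113.9 RCPT +TO:<b@other.test> 550
2006-05-22 10:00:07 203.0.113.50 RCPT +TO:<c@other.test> 250
2006-05-22 10:00:09 198.51.100.7 RCPT +TO:<nosuchuser@example.com> 250
"""

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_NETS)

def classify(client_ip, rcpt_domain, status):
    # Mail for a local domain is ordinary inbound SMTP, which must stay anonymous.
    if rcpt_domain in LOCAL_DOMAINS:
        return "inbound"
    # External recipient from an internal host: legitimate use or an infected machine.
    if is_internal(client_ip):
        return "internal-outbound"
    # External client to external recipient: accepted means the server relayed it.
    return "relayed" if status.startswith("2") else "relay-denied"

def triage(log_text):
    fields, counts = [], Counter()
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        query = row.get("cs-uri-query", "")
        if row.get("cs-method", "").upper() != "RCPT" or "@" not in query or "c-ip" not in row:
            continue
        domain = query.rsplit("@", 1)[1].rstrip(">").lower()
        category = classify(row["c-ip"], domain, row.get("sc-status", ""))
        counts[(category, row["c-ip"])] += 1
    return counts

if __name__ == "__main__":
    for (category, ip), n in sorted(triage(SAMPLE_LOG).items()):
        print(f"{category:18} {ip:15} {n}")
```

Any `relayed` rows point at a relay or compromised-credential problem, a busy `internal-outbound` host is the candidate for the AV/spyware scan, and `inbound` rows to nonexistent addresses are the ones that produce NDRs.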
 