Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SMTP server security 1

Status
Not open for further replies.

kev01

IS-IT--Management
May 13, 2003
78
GB
Hi,


My hosting company is hosting my website on a dedicated web server which runs Windows 2003. I am running the default email server, which is the virtual default SMTP server. But, I have been getting reports from my hosting company that my SMTP server has been used by spammers. I was therefore been asked to shut down the SMTP service.

How can I secure SMTP server so that it not used by spammers?

thanks in advance,
Kev
 
Start Internet Services Manager from the Administrative Tools menu.


In the Internet Information Services console, right-click the Default SMTP Server node, and then click Properties.


Click the Access tab, and then click Authentication.


If you click to select the Anonymous access check box and do not select any of the other checkboxes, all users and computers will be able to access the IIS SMTP server. This effectively disables authentication. If you click to select either or both the Basic Authentication or the Windows security package check boxes and do not click to select the Anonymous access check box, authentication will be required before access is granted to the IIS 5.0 SMTP server. In this case, if the user or computer does not successfully authenticate, the user or computer cannot send mail to the server. Select either or both of these options, click to clear the Anonymous access check box, and then click OK.


Click Relay.


You have several available options in the Relay Restriction dialog box. The default option is Only the list below. Note that there are no entries in the default configuration. By default, the Allow all computers which successfully authenticate to relay, regardless of the list above option is enabled. This allows users and computers that can authenticate with the server to relay through the server. Note that if you allow only anonymous access, the server will not be able to authenticate users or computers.


Click Add. You can allow a single computer, a group of computers, or an entire domain to relay through the server by making the appropriate selection in the Computer dialog box. Click Cancel if you do not want to make a change.


In the Relay Restrictions dialog box, click OK.
 
Thanks for that info Ganesh!
very much appreciated :)
cheers,
kev
 

I have read the pages on SMTP server on microsoft site - But I am not very clear about the following:

"If your virtual server is on the Internet, Microsoft recommends that you do not permit relaying."

But, I need to send and receive emails from my SMTP server -If I don't permit relaying - will I still be able to send and receive emails???

Thanks,
kev
 
Hi,

The knowledge article that you have suggested ( - tells "how to prevent mail relay in IIS SMTP Virtual server in Windows Server 2003. that's fine.

But if i prevent mail relay in IIS SMTP Virtual server, does that mean that I won't be able to send emails from my SMTP server??
 
You can permit relaying from specific IP addresses or address ranges. That might be your best bet.
 
another off the wall method if your IP address will keep changing is to set the SMTP to some other unused port other then 25. With the current proliferation of avaliable SMTP Relays most spammers will just scan for port 25 and when not found move on.

Steve Bowman
steve.bowman@ultraex.com

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top