Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SMTP server security 1

Status
Not open for further replies.
kev01

kev01

IS-IT--Management
May 13, 2003
78
0
0
GB
Hi,


My hosting company is hosting my website on a dedicated web server which runs Windows 2003. I am running the default email server, which is the virtual default SMTP server. But, I have been getting reports from my hosting company that my SMTP server has been used by spammers. I was therefore been asked to shut down the SMTP service.

How can I secure SMTP server so that it not used by spammers?

thanks in advance,
Kev
 
Sort by date Sort by votes
Start Internet Services Manager from the Administrative Tools menu.


In the Internet Information Services console, right-click the Default SMTP Server node, and then click Properties.


Click the Access tab, and then click Authentication.


If you click to select the Anonymous access check box and do not select any of the other checkboxes, all users and computers will be able to access the IIS SMTP server. This effectively disables authentication. If you click to select either or both the Basic Authentication or the Windows security package check boxes and do not click to select the Anonymous access check box, authentication will be required before access is granted to the IIS 5.0 SMTP server. In this case, if the user or computer does not successfully authenticate, the user or computer cannot send mail to the server. Select either or both of these options, click to clear the Anonymous access check box, and then click OK.


Click Relay.


You have several available options in the Relay Restriction dialog box. The default option is Only the list below. Note that there are no entries in the default configuration. By default, the Allow all computers which successfully authenticate to relay, regardless of the list above option is enabled. This allows users and computers that can authenticate with the server to relay through the server. Note that if you allow only anonymous access, the server will not be able to authenticate users or computers.


Click Add. You can allow a single computer, a group of computers, or an entire domain to relay through the server by making the appropriate selection in the Computer dialog box. Click Cancel if you do not want to make a change.


In the Relay Restrictions dialog box, click OK.
 
Upvote 0 Downvote
Thanks for that info Ganesh!
very much appreciated :)
cheers,
kev
 
Upvote 0 Downvote

I have read the pages on SMTP server on microsoft site - But I am not very clear about the following:

"If your virtual server is on the Internet, Microsoft recommends that you do not permit relaying."

But, I need to send and receive emails from my SMTP server -If I don't permit relaying - will I still be able to send and receive emails???

Thanks,
kev
 
Upvote 0 Downvote
Hi,

The knowledge article that you have suggested ( - tells "how to prevent mail relay in IIS SMTP Virtual server in Windows Server 2003. that's fine.

But if i prevent mail relay in IIS SMTP Virtual server, does that mean that I won't be able to send emails from my SMTP server??
 
Upvote 0 Downvote
anyone?
thanks,
kev
 
Upvote 0 Downvote
You can permit relaying from specific IP addresses or address ranges. That might be your best bet.
 
Upvote 0 Downvote
another off the wall method if your IP address will keep changing is to set the SMTP to some other unused port other then 25. With the current proliferation of avaliable SMTP Relays most spammers will just scan for port 25 and when not found move on.

Steve Bowman
steve.bowman@ultraex.com

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MaioMaio
  • Question
Server Remote Desktop License
Replies
0
Views
101
MaioMaio
MaioMaio
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
116
Aquiles Vidal
Aquiles Vidal
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
142
suncit
suncit
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
92
antonio_dsanchez
antonio_dsanchez
jamescpp
  • Locked
  • Question
Windos OpenSSH server vulnerability
Replies
0
Views
110
jamescpp
jamescpp

Part and Inventory Search

Sponsor

Back
Top