Windows

General discussion

Gravatar
Locked

Make my Exchange2k not a Open Relay Box?

By saaedb ·
My Exchanger is acting as a Open Relay. I'v tried every thing to stop it from doing that, I got a user respond to a previous question of mine, which put me on the right track, but doing all that is still not helping me solve the problem. As of now the exchange is set up as follows.
There are no connectors.
Virtual SMTP Server->Properties->Access Tab->
Authentication Button->Annonymous is checked,basic authentication is checked,Itegrated Wins Authentication is checked.
Under the Relay Button.
Only the list below option is selected. And the "Allow all computers which successfully authenticate to relay regardless of the list above" is checked.

With these settings, it is acting as a open relay box.

What do i need to do to stop it from acting as a "Open Relay Box" ?

Thanks alot

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
Thread display: Collapse - | Expand +

All Comments

gravatar
Collapse -

by CG IT In reply to Make my Exchange2k not a ...

"Allow all computers which successfully authenticate to relay" is your problem.Uncheck that box.

There is an article on this I "think" from Windows & .Net Magazine and/or Microsoft technet. I'll dig it up and post a comment with a link.

gravatar
Collapse -

by CG IT In reply to

here is a link to Microsoft's article on Controlling SMTP relaying. Hope this helps ya out. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/prodtech/mailexch/excrelay.asp

as always remove any excess spaces in the URL.

gravatar
Collapse -

by CG IT In reply to

well that link didn't work.

This is supposed to be the link to the Exchange server security page. I tried a copy and paste to the link I posted above and didn't work.
However where the article resides is Exchange Server security Center and then click the link for Security Topics. There you'll find the relay technical article I mentioned.

Try this link to the Exchange Server Security Center.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/prodtech/mailexch/default.asp

gravatar
Collapse -

by CG IT In reply to

Joe is correct. Though the flaw that exists only works if the quest account is enabled. Disabling the quest account resolves this issue.

gravatar
Collapse -

by saaedb In reply to

Poster rated this answer.

gravatar
Collapse -

by Joseph Moore In reply to Make my Exchange2k not a ...

A new flaw in Exchange 2K was released a couple of weeks ago that says even if you have disabled the Open Relay feature, the server can STILL be used to send spam. So, you could set up the server correct, and it can still be used as an open relay. Here is a news article on this:

http://news.com.com/2100-7355-5107904.html

This could be your problem. Sorry for the bad news.

gravatar
Collapse -

by saaedb In reply to

Poster rated this answer.

gravatar
Collapse -

by saaedb In reply to Make my Exchange2k not a ...

This question was closed by the author

Back to Windows Forum
8 total posts (Page 1 of 1)  

Start or search

Related Discussions

Related Forums