Re: Relaying Breach via IIS

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Reggie Dones (rfdones_at_argotech.net_nospam)
Date: 06/26/04 

Date: Sat, 26 Jun 2004 16:57:33 -0700

Thanks SuperGumby, but can you elaborate? How do we then secure the web or
smtp service to make OWA available to our remote users?

Also I'm perplexed at how these servers connect via port 25 and get cut off
when we stop IIS or grant only LAN IP addresses. Any ideas?

Thanks again,
Reggie

"SuperGumby [SBS MVP]" <not@your.nellie> wrote in message
news:OqHrxg9WEHA.2908@TK2MSFTNGP10.phx.gbl...
> remote users do not need access to SMTP to use OWA.
>
> "Reggie Dones" <rfdones@argotech.net_nospam> wrote in message
> news:%23fQrOe9WEHA.4064@TK2MSFTNGP11.phx.gbl...
> > Hello all,
> >
> > We are running and SBS 2000 with a DMZ and noticed some ridiculous slow
> > down. Figured out that the web service and smtp was being compromised.
> > Although when we use netstat -an, port 25 is being used to connect to
us.
> > We restricted the web site security to only grant access to LAN IP's and
> > that shut off the connections to several offending ip addresses,
> > 69.42.100.8; 69.42.102.8 ; 80.68.244.119. However, we use the web
service
> > to access exchange for our remote users and will need to make it
available
> > to them.
> >
> > Can someone shed some light on this. Are there security settings that
we
> > can use to allow our users to access OWA without compromising our
security
> > and bandwidth?
> >
> > Thanks in advance.
> > Reggie Dones
> >
> >
>
>

Relevant Pages

  • Re: Relaying Breach via IIS
    ... remote users do not need access to SMTP to use OWA. ... Figured out that the web service and smtp was being compromised. ... Are there security settings that we ...
    (microsoft.public.backoffice.smallbiz2000)
  • Re: Confused about 75 user/device/account (?) limit
    ... You have been asking about 90 people accessing 10 devices on the LAN NOT simultaneously, and 50 simultaneous people accessing OWA remotely. ... Device CALs would only be suitable if the remote users were always using the same device. ...
    (microsoft.public.windows.server.sbs)
  • Re: E2K3 OWA
    ... what services do I need to have running on the FE in order for OWA to function. ... Also, once the FE is in place, how do I prevent users from accessing OWA on the BE servers since OWA is automatically install as part of E2K3. ... I want the remote users to only be able to access OWA using the FE. ... ofcourse you will want to move your SSL cert and DNS name ...
    (microsoft.public.exchange.admin)
  • Custom OWA logoff behavior
    ... We're using an SSL VPN solution for remote users of OWA. ... addition to the OWA logoff code. ...
    (microsoft.public.exchange.clients)
  • Re: OWA Issue
    ... >through OWA which works all well and good apart from one little niggle.... ... >We have a company calendar which is in a public folder. ... Unfortunately in OWA my remote users ... >cannot send meeting requests in the public folder calendar, ...
    (microsoft.public.exchange2000.general)