Re: Relays Question

If you allow relay, you ought to also require authentication. If you have
more than one Exchange server you could allow relay on one of them that
isn't allowed to send through the Internet. Another option is to set up an
internal-only Windows 2003 server with the IIS SMTP service that does the
relaying you're requesting.
--
Ed Crowley
MVP - Exchange
"Protecting the world from PSTs and brick backups!"

"Phaid" <pchludil@xxxxxxxxx> wrote in message
news:1187642951.766849.98480@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
We recently ran into a problem on our network with viruses. I believe
it was
a series of issues caused by our service provider. First, an Anti-
Virus
version update was botched and large number of systems were
unprotected by
AV. Second, the Firewall was configured so that anyone could send via
port
25. Third, at the same time we opened relaying internally. Can't be
sure, but
I do not believe it was related to opening up relaying internally.

The question is, with the firewall configured so that only our
Exchange
server can use port 25 outgoing (connecting to another server in a DMZ
to
send the mail on), if we set up relaying so that computers on the
inside of
the network can use the Exchange server as an open relay - do we have
anything to worry about?

The reason for the question is that we are implementing new software
that is
meant to work with any e-mail server and requires POP3 and SMTP. It
requires
that the workstations have the ability to use our mail server as a
relay as
well. My concern is that if we get hit with another virus, what will
the
outcome be? Are there any viruses setup to detect open relays on a
network
and use them? I am not an expert on this matter at all, but I have to
believe
the answer is yes there are viruses smart enough to detect and use an
unspecified open relay... Thoughts?



.