Secure SMTP virtual server from spam mail

Our Exchange 2003 system work with the following configuration.
1. Clustered BE at Internal network service all internal users using
outlook(mapi),
2. 2 FE at DMZ works in NLB mode with the following role as RPCover HTTPS,
OWA\OMA\PUSH MAIL, SMTP\POP\IMAP4 for mobile users outside the LAN. The FE
server is also the Local bridge head.
3. All incoming and outgoing email to through a smart host for Anti spam and
anti virus filtering. The smarthost is a linux with send mail installed. The
smarthost is also our public MX server. (We call it linux here)

With the above configuration, we though we are free from spam mail. However
we discover recently a lot of spam mail coming via FE server instead of
linux. Since the email coming direct to FE, it didn't go through Linux for
filtering. We have tried the follow way to block but failed.

1. At SMTP Connector, configure BE and all FE as local bridgeheads. Forward
all mail through this connector to Linux. However the incoming mail pass
through FE still go to mailbox direct.

2. At FE - protocol - SMTP - Acess - relay, we restrict allow relay only
list of computers, remove "allow all computers which successful authenticate
to relay, regardless of the list above". With this setting, I believe we
managed to stop the FE from becoming open relay however it doesn't stop spam
mail from pass through it.

3. At FE - Protocol-SMTP- ACCESS-Authentication, We remove anonymous access
and grant permission to all mobile users. We believe by doing so we can stop
spam mail from passing through FE. However all mobile users are not able to
send email from their outlook express (POP3\SMTP\IMAP4).

At the moment, We can't force our mobile users to migrate their mail client
to Activesyn or RPCoverHTTPS. Hence we have to maintain SMTP virtiual server
at FE. We really need to stop the spam mail from passing through our FE
otherwise the investment of Anti spam\virus Linux will be failed.

We wish to get some advices from you. Please help.

thanks a lot


.

Relevant Pages