Re: Authenticate domain users and port issues

.... forgot to add that you absolutely do *not* want to change your public SMTP port from the default 25, as otherwise you will not receive any more incoming internet emails. All internet SMTP traffic occurs on port 25. You can only *add* another port for your own internal purposes in addition to port 25 (ex. SSL, TLS, SMTP Auth, etc).

--
Roberto Franceschetti
LogSat Software
Makers of Spam Filter ISP
http://www.logsat.com

Roberto Franceschetti wrote:
Spamhaus won't blacklist you if the only issue you have is that spammers are able to send *you* emails. Spamhaus will however blacklist you for many other reasons. For example:

*Spam is originating from your IP address. This can happen if you misconfigured Exchange and others are indeed able to use it as an open relay.

*It can happen if your Exchange server is infected with a virus that has the effect of sending massive amount of spam out to the internet (a spambot). It can happen if users in your internal network are infected with a similar spambot virus, and your network is configured so that both your internal users and your Exchange server use the same IP address (are behind the same firewall) when "going out to the internet".

*You have some kind of antispam software that performs SMTP verification for incoming emails. Performing an outgoing SMTP connection attempt for each incoming email will often cause you to be blacklisted, as you are in effect often going to *try* sending out an email to a non-existent user on a remote server if the callback connection is in response to a spam email.

*Your antispam software, when receiving an email classified as spam, instead of using SMTP error codes to reject the email, will actually send a non-delivery notification spam email back to the sender. You will thus effectively send out a spam email for every spam email you receive, thus becoming a huge source of spam yourself. It may seem unbelievable that there are antispam applications behaving this way, but there sure are, and often customers don't find out this is so only *after* they have purchased and implemented the product.

*Your Exchange IP address is a dynamic IP address belonging to a pool of dynamic addresses owned by your ISP. In this case, you will need to purchase a static IP from your ISP. Dynamic IPs are blocked by major blacklists. The Spamhaus lookup on your IP will usually let you know if this is the case. If your static IP was incorrectly classified as dynamic, contact Spamhaus to have their database corrected.

.

Relevant Pages

  • Re: "Offenes" SMTP-Relay mal anders
    ... Port 25/tcp jedes am Internet angeschlossenen Hosts fuer SMTP reserviert ... marmelade von genau diesem brot eine unerwuenschte handlung sei. ...
    (de.comp.security.misc)
  • Re: "Offenes" SMTP-Relay mal anders
    ... "well-known port", reserviert fuer SMTP. ... In der Umgebung "Internet" ist Port 25/tcp fuer SMTP reserviert. ...
    (de.comp.security.misc)
  • Re: blocking telnet port 25 ?
    ... > SMTP is used for incoming and outgoing mail. ... > with DELIVERY of mail to a server. ... >>So I thought that I could block port 25 packets coming ... >>> need to have port 25 open to the internet so this is ...
    (microsoft.public.win2000.security)
  • Re: SPAM - More info please
    ... Gerhard, ... > I assume that your port 25 (smtp uses this port) is open to the world. ... > This is the way SPAM comes in normally. ...
    (Security-Basics)
  • Re: blocking telnet port 25 ?
    ... SMTP is used for incoming and outgoing mail. ... with DELIVERY of mail to a server. ... >So I thought that I could block port 25 packets coming ... from Internet. ...
    (microsoft.public.win2000.security)
Loading