Re: Exch 2000 cannot pick up external mail

From: Robert Lampkin [MSFT] (rlampkin_at_online.microsoft.com)
Date: 04/27/04 

Date: Tue, 27 Apr 2004 19:50:21 GMT

Becareful unchecking "authenticated relay" on the relay section the SMTP VS.
This will also prevent POP3 users from authenticating remotely. This is if
you have remote users of course.
On the SMTP VS these are the settings you need and are default.
Access tab-

Authentication button:
   Anonymous, Basic, and Windows Intergrated all need to be checked. Not
TLS.

Connection button:
   All accept the list below.

Relay:
   Only the list below.
   Authenticated relay selected.

If you want to catch a compromised account go turn on Diagnostic Logging
for Transport on the properties of the server in the ESM.
Watch for event 1708. In the description of this event it will show you the
account that is being successfully authenticated with.
1706 will show you the accounts failing.

RELATED KNOWLEDGE BASE ARTICLES:
310380 HOW TO: Prevent Exchange 2000 from Being Used as a Mail Relay in
Windows
http://support.microsoft.com/?id=310380
 
266686 XCON: How to Configure a SMTP Virtual Server Part 1
http://support.microsoft.com/?id=266686
 
193922 XFOR: Preventing the Internet Mail Service From Relaying Unsolicited
http://support.microsoft.com/?id=193922

Robert Lampkin, MCSE: Messaging
Microsoft Exchange Support
************
Please reply directly to the thread with any updates. You may receive this
email notification before you are able to view my reply in the newsgroup.
Please do not send email directly to this alias. This alias is for
newsgroup purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Lanwench [MVP - Exchange]"
<lanwench@heybuddy.donotsendme.unsolicitedmail.atyahoo.com>
| References: <236b01c427b2$a8bb84e0$a501280a@phx.gbl>
| Subject: Re: Exch 2000 cannot pick up external mail
| Date: Wed, 21 Apr 2004 21:08:36 -0400
| Lines: 32
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1409
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
| Message-ID: <uCIMyhAKEHA.4072@TK2MSFTNGP12.phx.gbl>
| Newsgroups: microsoft.public.exchange2000.connectivity
| NNTP-Posting-Host: 66-108-253-239.nyc.rr.com 66.108.253.239
| Path:
cpmsftngxa10.phx.gbl!TK2MSFTNGXA06.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP0
8.phx.gbl!TK2MSFTNGP12.phx.gbl
| Xref: cpmsftngxa10.phx.gbl
microsoft.public.exchange2000.connectivity:17471
| X-Tomcat-NG: microsoft.public.exchange2000.connectivity
|
| Stuart Knipe wrote:
| > Hopefully someone can help me with this as its been
| > melting my brain for a day now, we have exchnge 2000
| > running on win2k server, I recently found an open mail
| > relay on the smtp port, so I diligently closed this by
| > only allowing authenticated users to relay mail. our users
| > then complained of not getting any external mail, so I
| > simply reversed the changes made to allow anonymous access
| > again, problem is they still cannot recive external mail.
|
| Sounds like you changed the settings in the wrong place. If you changed
your
| virtual SMTP server *connection* settings to deny anonymous connections,
| that's why you aren't getting any mail....reverse the changes you made
| there.
|
| To close relay (although you should know that E2k/2003 are not open relays
| by default), go to the relay button and make sure to disable authenticated
| relay and set "only the list below" (empty or not, depending on your
network
| setup) as allowed to relay. What you may have seen was someone (or
someones)
| who'd figured out an easy-to-crack password for a default or user account
| for relay - the server allows authenticated relay by default. See
| http://www.vamsoft.com/orf/authattack.asp for more info on this.
| >
| > i have tried telnetting to the ip and smtp port but I
| > just get a blinking cursor and no ESMTP prompt as you
| > normally would with an open mail relay. sending mail is no
| > problem, but we cant pick it up in outlook 2k, and
| > external senders are beginning to get undeliverable mail
| > notifications as it doesnt seem to be hitting the mail
| > server. any suggestions???? thanks in advance
|
|
|