RE: Stopping SPAM at the server?

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Terry Liu [MSFT] (v-teliu_at_online.microsoft.com)
Date: 03/08/04 

Date: Mon, 08 Mar 2004 05:24:57 GMT

Hi Marty,

In order to block the SPAM reach the users' mailbox, I suggest you refer to
the two steps listed below:

Step 1: Stop Open Relay in Exchange 2003:

<Relaying> occurs when there is an inbound connection to your Simple Mail
Transfer Protocol (SMTP) server that is used to send e-mail messages to
external domains. With unsolicited commercial e-mail messages, a single
e-mail message that is sent to your SMTP server with multiple recipients in
domains that are external to your organization is an example of relaying.
When the SMTP server is configured to use anonymous authentication, the
messaging system that is used to propagate the unsolicited commercial
e-mail messages accepts the inbound message as typical. After the message
is accepted, the SMTP server recognizes that the message recipients belong
to external domains, and then the SMTP server delivers the messages. The
unauthorized users who send unsolicited commercial e-mail messages only
have to send one inbound message to your SMTP server for it to be delivered
to thousands of recipients. This may result in decreased performance and
congested queues. Additionally, this may annoy the recipients when the
messages arrive.

To prevent relaying, do not grant relay permissions to other hosts.
However, there are situations when relaying is required. You may have Post
Office Protocol 3 (POP3) and Internet Message Access Protocol 4 (IMAP4)
clients who rely on SMTP for message delivery. These clients may have
legitimate reasons for sending e-mail messages to external domains. To work
around this issue, create a second SMTP virtual server that is dedicated to
receiving e-mail messages from POP3 and from IMAP4 clients. You can
configure this additional SMTP virtual server to use authentication that is
combined with Secure Sockets Layer (SSL) based encryption, and then
configure it to permit relaying for authenticated clients.

Note
By default, the Default SMTP Virtual Server in Exchange 2003 is configured
to prevent relaying of e-mail messages through the virtual server.

To prevent computers from relaying messages through the SMTP virtual
server:

1. Click "Start", point to "Programs", point to "Microsoft Exchange", and
then click "System Manager".
2. Expand "Servers", expand "<ServerName>", and then expand "Protocols".
3. Expand "SMTP", right-click "Default SMTP Virtual Server", and then click
"Properties".
4. Click the "Access" tab, and then click "Relay".
5. In the "Relay Restrictions" dialog box, click "Only the list below" (if
it is not already selected), and then make sure that the "Computers" list
is empty. If you are not using any POP3 and IMAP4 clients with this virtual
server, click to clear the "Allow all computers which successfully
authenticate to relay, regardless of the list above" check box, and then
click "OK".
6. Click "OK".

Step 2: Use built-in antivirus features to block incoming SPAM e-mails:

Microsoft Exchange Server?2003 and Microsoft Office Outlook??2003, along
with antispam partner solutions, are designed to help organizations deal
more effectively with the junk e-mail problem.

, Real-Time Block List Service Provider Support
, Global Deny and Accept Lists
, Sender Filtering
, Inbound Recipient Filtering
, Improved Ability to Restrict Submissions to and Relaying on an SMTP
Virtual Server
, Integration with Outlook?2003 and Outlook Web Access Block and Safe Lists
, Junk E-Mail Filter
, Intelligent Message Filter

For detailed information, please refer to this link:
http://www.microsoft.com/exchange/techinfo/security/antispam.asp

In addition, we will release another built-in antispam feature and you may
refer to this link:
http://www.microsoft.com/exchange/techinfo/security/imfoverview.asp

For more information, please refer to this link:
http://www.microsoft.com/presspass/press/2003/apr03/04-14AntiSpamPR.asp

Here is another good resource for you to secure the Exchange Server 2003:
Exchange Server 2003 Security Hardening Guide --
http://www.microsoft.com/downloads/details.aspx?FamilyID=6A80711F-E5C9-4AEF-
9A44-504DB09B9065&displaylang=en

If anything is unclear, please feel free to post back!

Best regards,

Terry Liu
MCSE 2K MCSA MCDBA CCNA
Microsoft Online Support Engineer

Get Secure! - <www.microsoft.com/security>
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
60From: "Marty Leaf" <no@email.com>
60Subject: Stopping SPAM at the server?
60Date: Fri, 5 Mar 2004 16:53:40 -0500
60Lines: 12
60X-Priority: 3
60X-MSMail-Priority: Normal
60X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
60X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
60Message-ID: <OL2MTxvAEHA.2632@TK2MSFTNGP12.phx.gbl>
60Newsgroups: microsoft.public.exchange2000.general
60NNTP-Posting-Host:
66-208-231-43-ubr01b-malvrn01-pa.hfc.comcastbusiness.net 66.208.231.43
60Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP12.phx.gbl
60Xref: cpmsftngxa06.phx.gbl microsoft.public.exchange2000.general:52457
60X-Tomcat-NG: microsoft.public.exchange2000.general
60
60I know I can't stop all the SPAM coming in to my users. I would like to
know
60what this newsgroup recommends as a SPAM stopping strategy. Is there a
60plug-in to Exchange 2003 to filter it before it gets to my users mailbox.
I
60don't want to blindly buy a SPAM blocking program without know which ones
60are actually worth the money.
60
60Any thoughts are greatly appreciated.
60
60Thank you,
60Marty Leaf
60
60
60

Relevant Pages

  • Re: Some Domains not delivering correctly
    ... As you said "I think it is something to with the SMTP", ... The POP3 Connector may download e-mail messages from the remote POP3 ... server, but those e-mail messages may not be delivered to the user. ... In the Server Management tool, expand Advanced Management, expand ...
    (microsoft.public.windows.server.sbs)
  • [NT] Vulnerability in Exchange Server Could Allow Arbitrary Code Execution (MS03-046)
    ... Get your security news from a reliable source. ... In Exchange Server 5.5, a security vulnerability exists in the Internet ... an unauthenticated attacker to connect to the SMTP port on an Exchange ...
    (Securiteam)
  • RE: SMTP error (only from Outlook)
    ... This issue appeared on specify user or all SMTP clients? ... If yes, in Exchange System ... Is there any local bridgehead server listed in "Local ... to over three dozen open relay block lists. ...
    (microsoft.public.windows.server.sbs)
  • RE: strange email errors
    ... you to check the relay configuration on the SBS server. ... please restart the SMTP virtue server and Exchange ... Please also refer to the following steps to create a new SMTP Connector to ...
    (microsoft.public.windows.server.sbs)
  • Re: Exchange issues
    ... Are you up to date on all your Service Packs, both Windows and Exchange? ... > all traffic on port 25 to the SBS Exhange server. ... I suspected SMTP relaying becuase ... > You should verify that the server really isn't an open relay: ...
    (microsoft.public.exchange2000.admin)