Re: RELAY MAIL

From: Jeff Vandervoort (_at_)
Date: 03/19/04 

Date: Thu, 18 Mar 2004 18:09:30 -0600

Don't know if you found an answer to your situation, but I found mine. Are
you using an ISA Server with the SMTP filter?

That's where my problem was. (As I recall, the filter was installed as part
of a "feature pack" upgrade but I could be wrong about the history.) In our
case, we used the Exchange 2003 migration as an opportunity to route SMTP
through the ISA Server; previously it used another firewall. That's why it
stopped working when we stopped relaying through the E5.5 server.

I found a great download on isaserver.org called ISAEXCHANGEKIT.ZIP, which
contains about 50MB of Word files on various aspects of Exchange setup. One
of them talks about this filter in conjunction with POP mail.

The SMTP filter, which protects against buffer overflow exploits, does not
pass SMTP authentication commands.

The temporary workaround, of course, is to disable the SMTP filter, which
then allows authentication commands to reach the Exchange server, at the
risk of buffer overflow attacks. As soon as I did that, relaying worked.

The ultimate solution is to set up an authenticated SMTPS relay on the ISA
Server using a packet filter. The packet filter bypasses the SMTP filter for
authenticated relay. Then you pass unauthenticated SMTP (in other words,
normal incoming mail) to the Exchange server with a server publishing rule.
The publishing rule sends SMTP through the filter, protecting you against
buffer overflows. 

-- 
Jeff Vandervoort
JRVsystems
http://jrvsystems.com
"ZIP" <jms_pt@hotmail.com> wrote in message
news:eaMD2YQCEHA.2060@TK2MSFTNGP12.phx.gbl...
> Hello Peter it seams that everything is as you have said, but can't send
> mail outside of my domain when I set up the mail program to point pop and
> SMTP server
>
> Configurations are:
>
> User:            username
>
> Password:    *******
>
> Pop:            mail.localdomain.com
>
> SMTP:          mail.localdomain.com
>
>
>
> in this way I can send mail only to local domain, but if I configure my
> profile in Microsoft Outlook use a exchange server instead of pop server
> everything works fine, the problem is when I try to connect outside my
> domain I can't do that I have to configure the users accounts to point to
a
> POP and SMTP server, I only can use Microsoft exchange server inside my
> domain.
>
> Another thing I tried to use an account from another ISP that isn't an
> account of my domain, and I tried to use my domain SMTP server pointing
the
> SMTP server option to my SMTP domain and I can't send mail other domains,
> but I can send mail to my DOMAIN ACCOUNTS...!!!! Is this normal??? Didn't
> the SMTP server suppose to refuse to relay mail from 1 account that
doesn't
> belong to my domain???
>
>
>
> I hop that you could help me
>
> Regards
>
>
>
>
>
> "Peter D. Hipson" <mcn01 at hipson dot net> escreveu na mensagem
> news:9u36509fjef13ursqvddofqo69c5atd61e@4ax.com...
> > This is a somewhat generic error telling you the user was not
> > authenticated (necessary to allow SMTP to send email outside your
> > domain). Could be several causes, perhaps your client has said SSL and
> > the server is not setup for that, or the user is not authenticating
> > with the correct credentials.
> >
> > In the SMTP properties, Click on Authentication button:
> >
> > Make sure:
> >
> > Anonymous Access is checked (allows outside email to be received)
> > Uncheck Resolve anonymous email
> > Check Basic Authentication
> > Uncheck Requires TLS encryption
> > Optionally, check Integrated Windows Authentication (if this is on,
> > the user will be automatically authenticated if they are logged on to
> > the 'correct' domain already.
> >
> > In Relay:
> >
> > Check Allow all computers which successfully authenticate to relay,
> > regardless...
> >
> > For now, leave the list empty, with Only the list below checked. This
> > allows only authenticated users to send email outside the domain.
> >
> > An anonymous user is not an authenticated user, and won't be able to
> > relay.
> >
> > On Sat, 13 Mar 2004 11:41:39 -0000, "ZIP" <jms_pt@hotmail.com> wrote:
> >
> > >I am certain that this is a newbie kind of question but I need to
provide
> > >Access to external users (trough e-mail program like Outlook express or
> > >Microsoft Outlook) not only to  they see their mail, but also to send
> mail
> > >to other domains.
> > >
> > >
> > >
> > >And the problem begins, you see my external users can see their mails
and
> > >they're able to send mail to, But Only to my local domain..!!!!
> > >
> >
> > PeterD, the Darkstar Network
> > To email, fix my address!
> > ExpertZone!
>
>