RE: Inside user spamming
From: Kenny Wood (Kenwood_at_online.microsoft.com)
Date: 12/09/04
- Next message: exchangerookie1994: "Re: Inside user spamming"
- Previous message: Deji Akomolafe: "Re: No ESMTP response - ehlo test.com 500 5.3.3 Unrecognized comma"
- In reply to: exchangerookie1994: "Inside user spamming"
- Next in thread: Deji Akomolafe: "Re: Inside user spamming"
- Reply: Deji Akomolafe: "Re: Inside user spamming"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 09 Dec 2004 00:46:36 GMT
Hello and thank you for your post.
Unfortunately you are confusing relaying with UN-AUTHENTICATED relaying. When the
majority of the world states RELAY, they mean the un-authenticated type. The reality is that
anyone who sends mail THROUGH an Exchange server is relaying. The only object that
doesn't relay is the SMTP server itself. By turning off "allow authenticated users to relay" you
have created the backlog in the queues.
The tests you did were good for testing un-authenticated relay, but if you want people to be
able to send email, they need to be able to relay, via authenticated means.
Kenny Wood
CISSP, MCSE (+S, +M)
PSS Security
Microsoft Corporation
-- This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at http://www.microsoft.com/info/cpyright.htm Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated. -------------------- Thread-Topic: Inside user spamming thread-index: AcTZ+cUVyP9Fi2KIQN20oMrKCIPG9Q== X-WBNR-Posting-Host: 205.208.168.71 From: =?Utf-8?B?ZXhjaGFuZ2Vyb29raWUxOTk0?= <exchangerookie1994 @discussions.microsoft.com> Subject: Inside user spamming Date: Sat, 4 Dec 2004 04:07:04 -0800 Lines: 8 Message-ID: <2A7EC9F3-1591-43E8-BD14-17ADBAE33E62@microsoft.com> MIME-Version: 1.0 Content-Type: text/plain; charset="Utf-8" Content-Transfer-Encoding: 7bit X-Newsreader: Microsoft CDO for Windows 2000 Content-Class: urn:content-classes:message Importance: normal Priority: normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0 Newsgroups: microsoft.public.exchange2000.transport NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.1.29 Path: cpmsftngxa10.phx.gbl!TK2MSFTFEED02.phx.gbl!TK2MSFTNGP08.phx.gbl! TK2MSFTNGXA03.phx.gbl Xref: cpmsftngxa10.phx.gbl microsoft.public.exchange2000.transport:6975 X-Tomcat-NG: microsoft.public.exchange2000.transport I have a set up Exch2000 fresh load. I have locked relay capabilties to local ip subnet. I have tested for open relay from outside - good. I have unchecked allow authenticated users to relay setting. My smtp queue is filling fast. Is there a utilty /software to see were this mail is coming from. I think it has to be someone on inside (domain user). I have also turned on logging on MStransport - smtp protocol to maximim logging. Please help
- Next message: exchangerookie1994: "Re: Inside user spamming"
- Previous message: Deji Akomolafe: "Re: No ESMTP response - ehlo test.com 500 5.3.3 Unrecognized comma"
- In reply to: exchangerookie1994: "Inside user spamming"
- Next in thread: Deji Akomolafe: "Re: Inside user spamming"
- Reply: Deji Akomolafe: "Re: Inside user spamming"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
Loading
