Re: OUT OF MEMORY INETINFO: Does anyone have the answer yet?????

From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 10/12/04

  • Next message: Dan Berg: "Event Log NNTP Service Error"
    Date: Tue, 12 Oct 2004 21:59:52 +1000
    
    

    I'm sorry that you don't understand how this is all supposed to work.
    Reading through the online documentation is a good start - there's plenty of
    good information there (but sometimes it's not very well organised). That
    said:

    a) In the Relay access dialogue, you should have "Only those computers
    below". In that list you should only have trusted IP addresses (ie IP
    addresses on your internal LAN)

    b) Optionally you can check "Allow all computers which successfully
    authenticate to relay, regardless of the list above". This means that users
    who use SMTP Auth from outside the trusted IP address list can authenticate.
    They need to configure their email client for outbound SMTP authentication.
    There are two authentication methods supported by IIS. Basic (which is
    supported by most clients and servers) this passes credentials in cleartext
    (which means you should use TLS - Transport Layer Security to secure these
    credentials) and Integrated Windows Authentication (which is basically NTLM
    authentication). Only Microsoft email clients support NTLM authentication.
    In Outlook Express, this is called "Secure Password Authentication". NTLM
    Auth does not pass the user's password in clear text across the wire.

    You should uncheck this box if you do not need any external travelling users
    to use your server as a relay. Otherwise, the following may happen:
    - if a user (eg guest account) has no password, then an attacker can relay
    mail through your server
    - if an account has a weak password, an attacker may be able to guess/brute
    force the password
    - if the user is passing their credentials in clear text across the network,
    then the password may be sniffed by an attacker.

    c) BY DEFAULT IIS SMTP Server is secure against 3rd party relay. Only if you
    muck with the default settings will you get hit with 3rd party relay by
    spammers.

    If you want a more detailed explanation on securing MS SMTP Server, there's
    a whole chapter on it in the IIS 6 Security book that I co-authored - you
    can get a copy from Amazon.com or your favourite bookstore.

    Cheers
    Ken

    "JD" <jd@thejd.co.ukSPAM> wrote in message
    news:OxypV9CsEHA.868@TK2MSFTNGP12.phx.gbl...
    > No guest accounts, I have a login tracker, no one has logged in as
    > authorised users.
    >
    > OK, so "Relay" is locked down by:
    > ~Only allowing those PCs listed below and PCs which successfully
    > authenticate..etc
    >
    > "Authentication": I ticked integrated windows authentication, but my mail
    > was returned as client not valid, so I have now ticked allow anonymous
    > access and the mail gets through sent via other domains.
    >
    > Is the above all OK? I still don't understand how in "Authentication" I can
    > have conflicting tick boxes... anonymous-V-windows authentication?
    >
    > Unfortunately I can now relay without authenticating (I just checked) If I
    > untick Anonymous in Authentication I can't receive emails from other
    > domains, and if it is ticked I don't have to provide login credentials to
    > send through the smtp server.
    >
    > It doesn't make sense!!
    >
    > "m.marien" <mm AT RiverCityCanada DOT com> wrote in message
    > news:10mltak9j7dtq72@corp.supernews.com...
    >>
    >> "JD" <jd@thejd.co.ukSPAM> wrote in message
    >> news:eiK1Ws7rEHA.1164@TK2MSFTNGP10.phx.gbl...
    >>> I've been round the houses, finally had to re-install, the earlier spam
    >>> serving had generated 1gb of mail failure slips queuing up. (hence the
    >>> spiralling Inetinfo)
    >>>
    >>> What's the difference between "Relay" and "Authentication"
    >>>
    >>> If I tell relay to only allow computers (duh users?) who have
    >>> successfully authenticated and "Only the [empty] list below" is
    >>> ticked...then RELAY IS STILL POSSIBLE!! without authentication by
    >>> others.
    >>>
    >>>
    >>
    >> Relay is the ability of other computers to send messages through this
    >> SMTP server.
    >>
    >> Authentication is the method used to authenticate users. Anonymous
    >> Authentication doesn't count. Although it's in the list, you can't relay
    >> messages if it's the only method available.
    >>
    >> With the default settings, the only computer that is allowed to send
    >> messages is the computer the SMTP server is running on. In that case it's
    >> not relaying.
    >>
    >> I think you have the settings correct. I would look at the user accounts.
    >> Is it possible that there is an account without a password ? or the guest
    >> account is enabled ? or one of the accounts has been breached ? If you
    >> use basic authentication it's quite possible someone has discovered one of
    >> your account passwords.
    >>
    >> Is there another way to allow relaying for your system? My SMTP server is
    >> only available to a subnet so I can use that method rather than
    >> authentication. I allow an IP address range to relay and unselect the
    >> Authentication method. Is that possible with your clients?
    >>
    >>
    >>
    >
    >
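
The relay rules from points (a) and (b) and the cleartext Basic authentication risk, as an added Python example that is not part of the original thread and not IIS code. The function names, the sample EHLO reply and the addresses are constructed assumptions; the relay logic follows the posts' description, with an anonymous session counted as not authenticated.

```python
import ipaddress

# Constructed sample EHLO reply (hypothetical host, not captured from a real server).
SAMPLE_EHLO = """250-mail.example.test Hello [192.0.2.10]
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-SIZE 2097152
250-PIPELINING
250 OK"""

# Mechanisms that send the password only base64-encoded ("Basic" in the post).
CLEARTEXT_MECHS = {"LOGIN", "PLAIN"}


def parse_ehlo(reply):
    """Return (set of AUTH mechanisms, True if STARTTLS is advertised)."""
    mechs, starttls = set(), False
    for line in reply.splitlines():
        if not line.startswith("250") or len(line) < 5:
            continue
        # Handles both "AUTH LOGIN" and the legacy "AUTH=LOGIN" form.
        words = line[4:].replace("=", " ").upper().split()
        if not words:
            continue
        if words[0] == "AUTH":
            mechs.update(words[1:])
        elif words[0] == "STARTTLS":
            starttls = True
    return mechs, starttls


def audit_auth(reply):
    """Flag password mechanisms that would cross the wire without TLS."""
    mechs, starttls = parse_ehlo(reply)
    weak = sorted(mechs & CLEARTEXT_MECHS)
    if weak and not starttls:
        return ["cleartext AUTH (%s) offered with no STARTTLS" % ", ".join(weak)]
    return []


def may_relay(client_ip, trusted_nets, allow_authenticated, authenticated):
    """(a) listed IPs may relay; (b) if ticked, so may a session with a real login."""
    ip = ipaddress.ip_address(client_ip)
    if any(ip in ipaddress.ip_network(net) for net in trusted_nets):
        return True
    return bool(allow_authenticated and authenticated)
```

An advertised STARTTLS only shows that TLS is available; whether the server refuses AUTH on an unencrypted session is a separate setting to confirm.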

