Re: setting up SMTP on 2003 server

Tech-Archive recommends: Fix windows errors by optimizing your registry

On Wed, 3 Aug 2005 03:05:05 -0700, "nudge"
<nudge@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

>hi,
>
>we have a website directory for people to contact the advertisers and we are
>using smtp and ASP.
>
>there are only 2 pop3's established, each of which are for our company's
>normal internal use.
>
>so a normal web user sees a company advertised on our website and wishes to
>contact him - he completes a normal form, and sends an email to the company
>and to us as CC.
>
>the server has the following smtp settings. we have a german server, so i
>hope i have translated these correctly.
>
>1 single IP address on port 25.
>access -> authentication - anonymous
>access -> connection control -> everyone EXCEPT a small list of known urls
>that have already attacked our system
>access -> relaying -> everyone EXCEPT a small list of known urls that have
>already attacked our system
>relaying -> outgoing security -> anonymous
>relaying -> extended -> our domainname and as our server does not have it's
>own dns we are using the smarthost of our provider.
>both checkboxes under the smarthost field are NOT checked.
>LDAP -> nothing changed - all left unchecked.
>security -> administrators, network and local services
>
>so my question is how can we stop relay attacks, whilst ensuring a normal
>websuser can still send an email to 1 or multiple advertisers from our site?

Assuming you didn't allow relays, then you're not relaying. Server
2003 has relays off by default. A better option is to close SMTP
incoming in your firewall, if all you do is send out from this system.

Jeff
.