Re: Question about the "Microsoft Exchange Server Best Practices Analyzer Tool" and open relaying

From: Tony (noreply_at_noemail.net)
Date: 10/01/04

• Next message: Frank McCallister: "Re: One last (hopefully) question"
• Previous message: Susan Bradley, CPA aka Ebitz - SBS Community Rocks: "Re: Way to shutdown SBS without generating a ton of extraneous events????"
• In reply to: Lanwench [MVP - Exchange]: "Re: Question about the "Microsoft Exchange Server Best Practices Analyzer Tool" and open relaying"
• Next in thread: Lanwench [MVP - Exchange]: "Re: Question about the "Microsoft Exchange Server Best Practices Analyzer Tool" and open relaying"
• Reply: Lanwench [MVP - Exchange]: "Re: Question about the "Microsoft Exchange Server Best Practices Analyzer Tool" and open relaying"
• Messages sorted by: [ date ] [ thread ]

---

Date: Fri, 1 Oct 2004 08:56:57 -0500

I am using a smarthost to forward outgoing mail. One of my concerns is the
possibility if a client were to pick up some kind of a trojan ( I am running
AV software on all clients) and use the exchange server to relay spam. I
already have port 25 blocked for clients on the ISA server so the only
conduit would be if a trojan used the default gateway (the exchange server)
to route mail bypassing the Outlook client. I may be being a bit overyly
paranoid here, and thought I had everthing set up correctly until MS's
Exchange testing tool put it out as a big flag that it is set up as a open
relay.

Tony

"Lanwench [MVP - Exchange]"
<lanwench@heybuddy.donotsendme.unsolicitedmail.atyahoo.com> wrote in message
news:eV7oOtzpEHA.324@TK2MSFTNGP11.phx.gbl...
> Tony wrote:
>> The guest account is disabled. I did a telnet in to the mail server
>> from my workstation on the lan side and was able to relay a message
>> from a forged email address to another email address in another
>> domain. I am not overly concerned with somebody externally using the
>> server as an open mail relay because I have another mail relay server
>> that scans for virus and spam that port 25 from the internet goes to
>> and this server hands off the mail to the exchange server. But I am
>> concerned that the MS tool lists it as open and I can just telnet in
>> from the lan side and send out. I am a bit of a mail server newbie
>> and just want to make sure I am not sitting on a potential problem
>> here. It is my understanding that Outlook talks to Exchange with RPC
>> and I should not need 25 open to any of the lan clients at all.
>>
>> Tony
>
> On a client on the LAN, set up a test OE account, with a POP account you
> can
> access from somewhere (even if it isn't your Exchange mailbox - best not
> to
> use that if you ask me) and specify your Exchange server's local IP or
> name
> as the SMTP server, no authentication. Try to send a message to a
> non-domain
> address and see what happens. It shouldn't work; you should get a bounce
> message.
>
> I'm presuming you're not forwarding all mail to a smarthost for outbound
> mail, right? But are resolving via DNS and sending directly?
>
> If your Exchange server isn't exposed directly to the Internet, you're
> right, nobody on the Internet can even get to it no matter what your relay
> settings are.
>>
>>
>> "Douglas Boyd [MSFT]" <dboyd@online.microsoft.com> wrote in message
>> news:NHnFjdypEHA.404@cpmsftngxa06.phx.gbl...
>>> Tony
>>>
>>> Is the guest account enable on the server? Have you tried telnet to
>>> port 25
>>> and tried to drop mail for a bogus domaint o verify the test ?
>>>
>>> Doug Boyd
>>> dboyd@online.Microsoft.com
>>>
>>> This post is provided "AS IS" with no warranties and confers no
>>> rights
>
>
>

---

• Next message: Frank McCallister: "Re: One last (hopefully) question"
• Previous message: Susan Bradley, CPA aka Ebitz - SBS Community Rocks: "Re: Way to shutdown SBS without generating a ton of extraneous events????"
• In reply to: Lanwench [MVP - Exchange]: "Re: Question about the "Microsoft Exchange Server Best Practices Analyzer Tool" and open relaying"
• Next in thread: Lanwench [MVP - Exchange]: "Re: Question about the "Microsoft Exchange Server Best Practices Analyzer Tool" and open relaying"
• Reply: Lanwench [MVP - Exchange]: "Re: Question about the "Microsoft Exchange Server Best Practices Analyzer Tool" and open relaying"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: WM5, VPN via PPTP/MPPE, and direct connection to Exchange ... As for direction connection to your Exchange server, ... NOT synchronising with a client laptop. ... Is there any way of getting the VPN client in WM5 to use MPPE? ... (microsoft.public.pocketpc.phone_edition) Relaying mail on SBS2K3, Exchange 2K3 ... We have a client that chose to ... the server, with employees who access the server from all over the United ... the problem that we are running into is enabling relay access ... does SBS2003 with Exchange allow for true remote ... (microsoft.public.windows.server.sbs) RE: Exchange 2003 SMTP Queue ... Jorge, Thanks for the reply. ... I am pretty certain this is not a relay issue. ... >addresses of the Exchange server can relay through this ... If your Exchange server is blocked by the remote ... (microsoft.public.exchange.connectivity) Re: Firewalls ... and they provided a CISCO router. ... authentication server and perhaps move the Exchange to a spearate server, ... For a client with a DSL or T1 you could just purchase a firewall to setup ... With the x550e they could secure their exchange server by removing content ... (microsoft.public.windows.server.sbs) Re: Mail Relay for one email address ... want to consider not relaying mail on the primary mailbox server. ... set up another SMTP Relay Server dedicated to this service.Set relay ... some of our client Ip's are not static. ... allow to relay SMTP requests. ... (microsoft.public.exchange.admin)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)