Re: Bad HELO and no authentication - please help
- From: "David Barnes" <david at bitsolve dot com .nospam.ignore.net>
- Date: Sat, 8 Sep 2007 16:32:14 +0100
Hi,
In Exchange System Manager
There are 2 type of administrative views. (I have mine set to display
routing and administrative groups) [r-click, properties of the root
"DOMAINNAME(Exchange)", tick the 2 boxes]
So my description is for this view type.
drill down to:
Administrative Groups / first administrative group / Servers / -server-name-
/ Protocols / SMTP
With SMTP highlighted on the left (tree) you should see "Default SMTP
Virtual Server" on the right.
R-click and select properties.
goto the "Access" tab
Authentication (button)
- Anonymous should be ticked
- It is recommended by most (including me) that
unless you have specific branch offices or
partners that you have setup authenticated
SMTP connections with, that you disable (untick)
"Basic Authentication" and "Integrated Authentication"
Connection (button)
- "All except the list bellow"
- List should also be empty unless you have started to
'BAN' (block) certain spammers and unwanted senders.
Relay (button)
- "Only the list below"
- List should have 127.0.0.1 and the INTERNAL IP of your SBS box eg
192.168.1.10
* keeping this list to just that of the local machine is a good
defensive measure which will pay off when/if an internal PC or infected
laptop get brought into the network with a SPAM trojan. They seem to be
getting intelligent now and look for the internal server or ISP's SMTP
server and start banging away with spam. (I see it in the headers of spam at
my clients repeatedly. what looks like laptop has relayed out via the co's
exchange server via SMTP.)
- I also disable (untick) "Allow all computers which successfully
authenticate to relay...."
* this stops a spammer that 'guesses' a users name and password (easier
than you may think) from using your server to send spam. Outlook native,
Outlook RPC over HTTPS, OMA (outlook mobile/pda), and OWA do NOT need this.
"Ritch_DA" <RitchDA@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:0C86145E-A474-4527-8F56-2C265919C57E@xxxxxxxxxxxxxxxx
Thanks for your reply David.
How can I turn this on?
but it sounds like Anonymous has been disabled on the
recieving SMTP.
"David Barnes" wrote:
Just a guess, but it sounds like Anonymous has been disabled on the
recieving SMTP.
Or some setting set that seems to require that source to authenticate.
David Barnes
.
- References:
- Re: Bad HELO and no authentication - please help
- From: David Barnes
- Re: Bad HELO and no authentication - please help
- Prev by Date: Re: Devcon remove failure and CEICW setup fails
- Next by Date: Re: E-mail address questions
- Previous by thread: Re: Bad HELO and no authentication - please help
- Next by thread: RE: Bad HELO and no authentication - please help
- Index(es):
Loading
