Yes and No. If you disable the ability for internal POP3 users to send to internal users, then you disable the capability for anyone to send to internal users on that connector. That's how servers normally send mail to your server and users.
If you want to get real asinine about it, you could create an additional connector that only allowed for authenticated access and set the other connector to reject all internal addresses. I'd suggest leaving things as they are now, let the internal users send internally if they aren't authenticated. If you were to restrict an inside user, they could easily go home and send the exact same message as if they were internal. You don't really gain any security and you dramatically increase the complication of your configuration. Ed -----Original Message----- From: Irfan Malik [mailto:[EMAIL PROTECTED]] Posted At: Thursday, March 07, 2002 11:50 PM Posted To: Microsoft Exchange Conversation: securing smtp Subject: RE: securing smtp Tom, I did stop POP3 but a LAN user can still send smtp request to other LAN users. If they check "My Server Requires Authentication" in OE they can send mail outside, without that they cannot send outbound mails, which is good. But if you uncheck "My server requires Authentication" they can easily send smtp request to only LAN users. Is there anything I have missed to configure on my server or this behavior is by default. Thanks. -----Original Message----- From: Tom Meunier [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 7:54 PM To: Exchange Discussions Subject: RE: securing smtp Well, I'll qualify that. There *IS* indeed a solution. Don't let them use POP3; but require only OWA. Still nothing to stop anyone who likes (including me or Al Gore or Spam-R-Us) from establishing a telnet session, without losing legitimate mail -----Original Message----- From: Tom Meunier Posted At: Thursday, March 07, 2002 8:52 AM Posted To: MSExchange Mailing List Conversation: securing smtp Subject: RE: securing smtp Oh. Well, that's an RFC question. You're asking for how to let everybody in the universe EXCEPT your own people send inbound mail? That's just kinda weird. No way to stop it; they're just telnetting into your port25 like everyone else in the world. Unless you know what IP address they're hitting you from, and refuse those. -----Original Message----- From: Irfan Malik [mailto:[EMAIL PROTECTED]] Posted At: Thursday, March 07, 2002 7:16 AM Posted To: MSExchange Mailing List Conversation: securing smtp Subject: RE: securing smtp Thanks Tom, We are using e2k sp2 and w2k sp2. As well there is correction in my statement. "Some of my users using Outlook Express. I want users not to send mail outside or within LAN without authentication. I have controlled this for mails going to other domains but users still can send mails without authentication within LAN using Outlook Express. How can I secure that, any suggestion is request." Regards, Malik Irfan -----Original Message----- From: Tom Meunier [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 6:03 PM To: Exchange Discussions Subject: RE: securing smtp It's in the FAQ for 5.5, and it's in the FAQ for 2000. I would have gotten more specific, if you had said what version of Exchange you were using. That's important info. But "look it up in the FAQ" will get you there. In 5.5 it's in the properties of the IMC, to require auth. In 2000 it's in the properties of the SMTP Virtual Server or connector, whichever applies in your case. -----Original Message----- From: Irfan Malik [mailto:[EMAIL PROTECTED]] Posted At: Thursday, March 07, 2002 2:52 AM Posted To: MSExchange Mailing List Conversation: securing smtp Subject: securing smtp Dear all, Some of my users using Outlook Express. I want users not to send mail outside or within LAN with authentication. I have controlled this for mails going to other domains but users still can send mails with authentication within LAN. How can I secure that, any suggestion is request. Thanks and Regards. Malik Irfan _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
