I assume you're talking about "anonymous" under "Access Control" tab of your SMTP virtual server's property pages. This MUST be set to "anonymous" if you want to give access to other servers to send you inbound mail. Now under "relay" that's a different animal. They would need to authenticate as a valid user, as long as you have "only the list below" selected. If you have "all except the list below" selected, and you have "anonymous" selected under "Access Control", you will be an open relay.
Is that more confusing than before? Just leave access control set to anonymous, and require authentication under relay, and check off the "only the list below". Add your internal clients' subnets there, and set any external pop3 clients to authenticate. > -----Original Message----- > From: Myles, Damian [mailto:[EMAIL PROTECTED]] > Posted At: Tuesday, April 23, 2002 05:17 AM > Posted To: MSExchange Mailing List > Conversation: What hotfixes/patches after Sp2? > Subject: RE: Ex2K SMTP Settings > > > Just as a follow up.. my (mis) understanding (delete as applicable) > > 'Allow all computers which successfully authenticate to > relay, regardless of the list above' > > Allows computers that meet authentication requirements set in > the Authentication dialog box to relay messages to the SMTP > virtual server. Which would mean a virtual server enabled for > anonymous authentication can be potentially used as a relay > server because it is 'authenticated' ??? > > Cheers > Mylo > > > -----Original Message----- > From: Myles, Damian > Sent: 23 April 2002 11:58 > To: Exchange Discussions > Subject: Ex2K SMTP Settings > > > Hi, > > Can anyone clarify whether the 'Allow all computers which > successfully authenticate to relay, regardless of the list > above' checkbox on an SMTP Virtual Server would define a > logged-on user (AD), telnetting to Port 25 of the Exchange > Server as being 'authenticated'. Our test environment is down > at the moment so I can't test this out. Essentially, we're > looking to secure our servers internally from mail spoofing, > by using the tying down Connection Control and Relay > Restrictions on the SMTP service to grant access to 'Only the > list below', i.e. Exchange Servers only. > > Just need to know what 'authenticated' means in this context. > > TIA > Regards > Mylo > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
