Use both settings: authenticated users and by IP. The two are inclusive. That is, the IMS will accept mail from authenticated users, and from listed IP's.
-----Original Message----- From: Mike Rissen [mailto:[EMAIL PROTECTED]] Sent: Monday, May 20, 2002 12:42 PM To: Exchange Discussions Subject: routing/relay issues Scenario: 1) Company has Exchange 5.5 with all the service packs. 2) Company has user create a new account via web page. 3) User is immediately e-mailed an account and temporary password 3.a) email is NOT authenticated in any way. 3.b) scripting language is iHTML 3.c) User is almost always OUTSIDE the domain. 4) User changes password and is then allowed to do his thing. Everything works GREAT until a group of people called ORDB come onto the scene. You see, the only way this works is that Relaying is enabled in the IMS settings...also allowing spammers to mercilessly use their website and get them BLACKLISTED. Mail starts bouncing, connections being refused, etc. So turn off the routing except to only authenticated users? BAM! every e-mail functionality of the website dies. I've tried placing routing restrictions on the IMS so that only the IP address of the web server can use relaying. Nope. Even though the scripting language is server side, the email seems to be originating from the users IP. I know this because when we opened it up for that IP address, I could open a browser on the server and everything works fine...but on another user's machine inside the firewall...It dies. _____________________________ Even though the user's IP address seems to be used, SOMETHING is going through the server because the IP address in the iHTML is a 10.10.x.x (non-routable). Its inside the firewall. Is it somehow translated? Can you explain that? I didn't think I was net stupid...but alas ------ I thought about creating another IMS module in Exchange (books have talked about doing this for other reasons) and have it answer on a secret port (NOT 25). Have this one totally open to relaying. The iHTML can specify a specific port to connect to. Stupid idea? If someone found it..the whole thing would start over again. Is it possible? ------ I thought about having some process sitting somewhere (maybe on the SQL server) that would do the emailing and have it authenticate. The iHTML would then only add all the information into a table and be done with it. The SQL server would check for records every minute or so and e-mail once for each record it finds. Client doesn't necessarily want this. Any other advice or ideas from the gurus? _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
