It's been a while since I've supported POP3 clients on Exchange (5.5) but, as I recall, I had no issues with anonymous relaying. I believe that Exchange 5.5 allowed anonymous SMTP inbound connections (that is, connections for mail to be delivered locally) and would allow relaying by authenticated users only.
Or maybe I was just luckily that the spammers different find this server? Aaron -----Original Message----- From: Greg Deckler [mailto:[EMAIL PROTECTED] Sent: Friday, December 12, 2003 11:30 AM To: Exchange Discussions Subject: RE: Mail Processing by Exchange vs. SendMail While I am not sure that the "Greg" in this post was directed at me or whether this is some new form of abuse and sarcasm, it is pretty much irrelevant as I do have some things to say on this issue. The biggest problem that I have had with Exchange on the outside of the SMTP mail chain is anti-spam in a small office environment. It is not that anti-spam functionality does not exist in Exchange, but it is in its native implementation. The issue actually revolves around POP3 users. For your Exchange server to serve as the end-point for SMTP connections from anywhere, you generally have to turn on Anonymous Authentication. This allows any SMTP server to connect to yours to send email. Now, let's say you have POP3 users that might be connecting from anywhere they please on just about anyone's network. To allow these people to send email, you have to generally turn go into Relay Restrictions and turn on "Allow all computers which successfully authenticate to relay..." The problem with this is that Anonymous Authentication is also on, so guess what? Spammers can anonymously authenticate and relay spam, because, apparently in the Microsoft world Anonymous Authentication is just as good as any other Authentication. Oh well. And yes, you can turn this checkbox off and set up specific computers, but if they are POP3 clients connecting from anywhere, you are hosed there and if you set up this by domain, you have a whole other set of problems, not the least of which is that this forces a reverse DNS lookup. What really needs to happen with this is that Microsoft needs to simply add a checkbox that says something along the lines of "Anonymous Authentication can only send inbound messages and not relay." But, I guess since I am not an MVP the likelihood of this happening is close to zero. In terms of speed, I do not have hard numbers, but if you buddy is making rash statements like you indicate, he or she does not either. Tell your buddy to show you the proof or jump off a pier. You may want to be a little more PC. I have only seen an Exchange server's SMTP mail engine under duress when a spammer was involved and we are talking ungodly amounts of messages with lots of failures and retries. In terms of having Exchange exposed to the outside world, you can secure it, put it in a DMZ and make it a front-end server. Again, the main issue I have is with anti-spam in specific situations but if you don't have to worry about POP3 users or have an extra box to point POP3 users to, then you're good to go. Finally, I will point out that *technically* you do not even need Exchange as the SMTP engine is built into Windows 2000/2003 and I have played around with using this to serve as a host to forward SMTP mail into my Exchange environment. It's been awhile since I really sat down with it, but if memory serves it worked just fine. > > Greg, would you please help with this discussion on SendMail....Your > > input will be highly regarded....Thanks > > Tell him Postfix is more secure... :P > > > > Personally, I like to put another server at the edge for SMTP that > > is NOT Exchange when I can... > > > > As far as who's faster at processing... Who cares, can Sendmail do > > calendaring, public folders, etc? > > > > -----Original Message----- > > From: Sean Faust [mailto:[EMAIL PROTECTED] > > Sent: Friday, December 12, 2003 9:20 AM > > To: Exchange Discussions > > Subject: Mail Processing by Exchange vs. SendMail > > > > Good Morning All, > > > > I have a Unix/Linux admin that is just wearing me out with regards > > to Exchanging being 3rd rate. Given all of the variables including > > memory, processors, etc. How much mail traffic can Exchange process > > in an hour/day and what is the advantage if any of putting SendMail > > in front of Exchange? > > > > His last statement was that SendMail can process more mail in one > > minute than Exchagne can process in a day. > > > > Thanks, > > > > Sean > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mo > > de=&lang > > =english > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
