Not in this thread, anyway. The authentication hole exists when someone hacks a password. If you need to allow authentication, you should consider doing this with a virtual server that is not exposed to the Internet. If you do expose your SMTP to the Internet with authentication, you should, at a minimum, restrict the accounts that can use it, force the use of SSL, and enforce strong password policies.
Ed Crowley MCSE+Internet MVP Freelance E-Mail Philosopher Protecting the world from PSTs and Bricked Backups!T -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Greg Deckler Sent: Thursday, December 18, 2003 8:37 AM To: Exchange Discussions Subject: RE: Open Relay/Spamcop Hey, thanks for the confirmation. People have told me that I am smoking crack and that the Exchange servers were horribly misconfigured. It's nice to know that I am not smoking crack. > I concur with greg ... our server had those settings and we were being > used as a relay ... turned off "Allow all computers which successfully > authenticate to relay, regardless of the list above." and that stopped > it ... > > Mike > > > > -----Original Message----- > From: Greg Deckler [mailto:[EMAIL PROTECTED] > Sent: Thursday, December 18, 2003 11:17 AM > To: Exchange Discussions > Subject: Re: Open Relay/Spamcop > > > This may or may not be the problem, but I have seen spammers able to > relay off an Exchange server if the following configuration applies: > > 1. If "Anonymous access" is turned on. SMTP Virtual Server properties, > Access page, Authentication. 2. And, "Allow all computers which > successfully authenticate to relay, regardless of the list above." is > checked. SMTP Virtual Server properties, Access page, Relay. > > > > > Hello All and Happy Holidays! > >=20 > > I have a colleague whos Exchange 2000 server is being reported as > >Open > > > Relay by spamcop for the past month. I have tested his relay by=20 > >setting up a POP account in Outlook, putting the server that is > >being=20 reported as Open relay as my Outgoing SMTP server. =3D20 > >=20 When I try to send a message using Outlook, I get a return > >message > that > > 550 5.7.1 Unable to relay. I am relieved that it could not relay. > > That is good, however, why then is spamcop still reporting it to > >be=20 open relay? =3D20 =20 I have checked (over the phone) all his > >Virtual SMTP Server settings=20 to verify correct configuration. > >Everything seems to be "checked" or=20 "unchecked" as recommended by > >Microsoft. > >=20 > > We have Stopped/Started Services for SMTP =20 The Exchange 2000 > >server is behind a NAT and I have looked into the=20 possibility of > >this. I have been out on the spamcop site and for the=20 life of me > >cannot find a way to make them check the server again to=20 see if > >it is closed relay like ORDB does. =3D20 =20 Any ideas or > >comments???? =3D20 =20 =20 =20 Samantha Bridges Communications > >Technician Macomb Intermediate School District > > 44001 Garfield Road > > Clinton Township MI 48038-1100 > > (586) 228-3300 > >=20 > > [EMAIL PROTECTED] > > http://www.misd.net > >=20 > >=20 > > CONFIDENTIALITY NOTICE: This email message, including any > >attachments, > > > is for the sole use of the intended recipient(s) and may contain=20 > > confidential and privileged information. Any unauthorized review, > > use, > > > disclosure or distribution is prohibited. If you are not the > >intended=20 recipient, please contact the sender by reply email and > >destroy all=20 copies of the original message. > >=20 > > =3D20 > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=3Dexchange&text_mo > de=3D= > & > lang=3Denglish > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
