Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Stop SPAM. 1

Status
Not open for further replies.
meekrob

meekrob

MIS
Feb 13, 2002
127
US
If you operate a mail server and have not been tested for an open relay I highly recomend you do so. An open relay can allow a spammer to hijack your email server and relay massive amounts of spam through it. This is obviously bad for the internet community in general but it is also bad for you. Besides eating up your bandwidth and CPU resources you will probably end up becoming listed on one of many anti-spam lists. This is bad. Check out the FAQ at ordb for more info:


Do I have an open relay?
You can also test your server at ordb.

How do I close an open relay in Exchange 2000?
Here is a FAQ I wrote. Feel free to let me know if it sucks, and I will update it.
(if the link breaks just go to the FAQ section - it's not hard to find)
 
Your FAQ is the default configuration. Please correct me if I am wrong. Dan
Microsoft Exchange Support @ Microsoft
 
Yes and no. The point of the FAQ is that admins need to be aware of what IP's they allow and:

"The best practice here is to choose Only the list below. That way anything that is not explicitly allowed is denied. Add the IP addresses that need to use your server as a relay. In other words all your clients that send email using SMTP."

This kind of security simply can't come in a default configuration. For example my relay is set to communicate with only one IP - the gateway server.

Maybe the faq needs a little more polish... I'm just trying to point people in the right direction. If you want to give me some more information about the default configuration I can add that. I can't actually remember exactly what the default config was...

However if you are saying that admins should not be aware of relay security because Exchange has a secure default configuration I disagree. Read Microsoft Security Bulletin MS02-011. Open relay tests are as essential to an email admin as an AIDS test is essential to a porn star. In my opinion =)

Off topic: BTW thanks for your help earlier ... it looks like my problem is client side and not server side.
 
Only the list below is the default config. That is what I was getting at :) Dan
Microsoft Exchange Support @ Microsoft
 
Status
Not open for further replies.

Similar threads

jmics
  • Locked
  • Question
Exchange 2010 spam filter
Replies
0
Views
275
jmics
jmics
rushej
  • Locked
  • Question
Spam on Exchange2010 Server
Replies
1
Views
258
Alex Robinson
Alex Robinson
bawalker
  • Locked
  • Question
Exchange 2010 Stops Sending/Recieving Mail every 4-6hrs
Replies
1
Views
324
DrB0b
DrB0b
testman1
  • Locked
  • Question
Anti-Spam Question
Replies
4
Views
292
testman1
testman1
njellis
  • Locked
  • Question
Exchange 2007 Server sending spam
Replies
5
Views
335
njellis
njellis

Part and Inventory Search

Sponsor

Back
Top