Re: Problems with Exchange 2000 as open relay

From: Richard Buckingham (richard_at_STAMPS.COM)
Date: 12/17/03

  • Next message: rotaiv: "Re: Problems with Exchange 2000 as open relay" 
    Date:         Tue, 16 Dec 2003 16:14:39 -0800
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    Russ

    Few would ever need to configure a firewall to NAT like that (both the
    source and destination address) the source IP address of an incoming
    packet never changes through a typical (simple) firewall NAT. These are
    basic concepts of NAT and Routing TCP/IP.

    Also, in reply to Stanley... by turning off Authentication you do not
    have to break POP3/IMAP users... create a 2nd Virtual server on the same
    machine with only authenticated access (do not allow anonymous) and
    publish it through a 2nd external IP, then you have one IP for inbound
    SMTP and another for your remote authenticated users to use IMAP/POP3
    and relay SMTP.

    Rotaiv said that he turned off the "allow authenticated user.." option,
    as this will cause authenticated relaying if anonymous access is granted
    (which it is by default.)

    Richard

    -----
    Most viruses these days use spoofed email addresses. As such, using an Anti-
    Virus product which automatically notifies the perceived sender of a message
    it believes is infected may well cause more harm than good. Someone who did
    not actually send you a virus may receive the notification and scramble
    their support staff to find an infection which never existed in the first
    place. Suggest such notifications be disabled by whomever is responsible for
    your AV, or at least that the idea is considered.
    -----

  • Next message: rotaiv: "Re: Problems with Exchange 2000 as open relay"

    Relevant Pages

    • PPTP Routing Cisco 1841
      ... aaa authentication ppp default group radius local ... ip inspect name firewall tcp ... ip nat inside ... encapsulation aal5mux ppp dialer ...
      (comp.dcom.sys.cisco)
    • Re: Outlook using RPC over HTTPS does not authenticate using the Kerberos Realm
      ... Used Outlook in Safe Mode, ... For testing, client and server are on the same network, so no proxy server. ... Please first select "Integrated Windows Authentication" on the PRC virtual ... Disable firewall or antivirus on PC, ...
      (microsoft.public.exchange.admin)
    • Re: home network behind NAT and firewall ?
      ... >> real Firewall appliance with more than 20 systems at any given time. ... >> firewall provides for the ability to assign both public (not nat) and ... that would reset the router and allow remote control - it was noted ... >> LAN inside their network and it would never have to reach the ISP's ...
      (comp.security.firewalls)
    • Re: NAT vs. True Firewalls
      ... not just mean packet filter. ... A firewall can be made up of one or more ... components that can block or filter protocol traffic between two networks. ... So a NAT can be as much part of a firewall implementation as the ...
      (comp.security.firewalls)
    • Re: 56k dial up on laptop 802.11G ?
      ... NAT is not FW software. ... > firewall is literally anything that defends your network against ... >>By comparing the way NAT functions between two networks, ... >>And I consider the FW appliance to out class the packet filtering NAT ...
      (alt.internet.wireless)