relaying in exchange 2000

From: Eugene Chai (eugene@axiomlegal.com)
Date: 11/28/01


Subject: relaying in exchange 2000
Date: Tue, 27 Nov 2001 18:16:39 -0500
Message-ID: <1316CB01528E8C48A71468E2175BE5591BAD00@mx.axiomlegal.com>
From: "Eugene Chai" <eugene@axiomlegal.com>
To: <security-basics@securityfocus.com>


> Hello.
>
> Here's my deal.
>
> I got about thirty employees outside the office that access our
> exchange server through IMAP to get their email. Relaying was left
> open so that it is possible for them to send out through our email
> server regardless of how they are connected through the internet.
> Well, seems someone is using my email server for spamming purposes.
> Ummm... So I did everything i'm supposed to do in the virtual SMTP
> properties. i tried to deny relay access from the hotmail.com and
> yahoo.com domains. that doesn't work, i tired to disable anonymous
> authentication in the acess tabs, but this prevents anyone from
> sending. SUpport tells me i should enable a password authentication
> on the outgoing server. Did that, and it rejects the password. Tried
> only basic authentication, nope. Tried every combination of basic,
> integrated, and anonymous authentication. Nope. It either allows
> everyone to relay or no one to send. On the relay tab, i tried grant
> relay to only the list below and left the list empty but checked
> "Allow all computers who authenticate to relay, regardless of list
> above" this doesn't work- no one can send.
>
> Am i making sense here? Please ask me to be more specific if i am not
> making any sense because i do not wanna call micro$oft.
>
>
> sorry and thanks so much.
>
> Eugene
>



Relevant Pages

  • Re: WM5 can not sync to exchange
    ... On the SBS 2003 Server open the Server Management console. ... Please verify Authentication settings by the following steps. ... Open IIS Manager ... Collect the IIS metabase on Exchange Server and send to me: ...
    (microsoft.public.windows.server.sbs)
  • [NT] Vulnerability in Exchange Server 2003 Could Lead to Privilege Escalation (MS04-002)
    ... Access on Windows 2000 and Windows Server 2003, ... back-end Exchange 2003 servers that are running Windows Server 2003. ... Kerberos authentication is used as the HTTP authentication ... Windows Server 2003 server that also functions as an Exchange Server 2003 ...
    (Securiteam)
  • Re: Problems sending email in SBS 2008
    ... The default connector has the following ticks on the Authentication ... Ticked - Exchange Server Authentication ...
    (microsoft.public.windows.server.sbs)
  • Re: Periodic http_500 errors
    ... Synchronization failed due to an error on the server. ... An authentication error occurred connecting to the server. ... Kerberos authentication when communicating with the Exchange server. ...
    (microsoft.public.pocketpc.activesync)
  • Re: WebDAV and IE browser access "Public folder"
    ... I have told customer this, ... If your customer in using Basic authentication then they are probably also ... the server config). ... My app uses NTLM method to talk with Exchange server. ...
    (microsoft.public.exchange2000.development)