What's New  


Click here to subscribe
to our weekly newsletter
Exchange Messaging Outlook
EMO back issues

To prevent SMTP relaying with Microsoft Exchange Server
Sponsored by

Block Spam at Server Level
Block Spam at Server Level
Get the leading server based anti spam software:
GFI MailEssentials. Now starting at only $207!

Relaying is the transfer of messages via SMTP from one server to another. You'll want to prevent unauthorized senders -- in other words, spammers -- from using your Exchange Server as an SMTP relay to hide the real origin of their messages. Exchange Server 5.0 is vulnerable to unauthorized relaying if you allow local SMTP users -- as you probably would if you have users connecting with a POP client. Exchange Server 5.5 adds restrictions to allow the administrator to specify who can and cannot relay mail through the server.

Basics | Exchange 5.5 relay vulnerability patches | Tools | More Information

Basics

 Exchange 2000:
  • Understanding Relaying and Spam with Exchange 2000
    •

    Exchange 5.5:

  • XADM How to Secure the Internet Mail Service and Clean Up After Unsolicited Commercial E-mail or Spam Abuse
  • Is Your Exchange [5.5] Server Relay-Secure?  (Exchange Administrator newsletter)
  • XIMS: How To Stop Spam Mail Messages from using IMS Relay agent  
  • XFOR: Restricting Routing in the Internet Mail Service  
  • XCLN: Routing Restrictions Require SMTP Authentication  
  • XIMS Guest Account Allows Relaying Regardless of Routing Restrictions
  • Preventing Third Party Relaying In MS Exchange Server 5.5
    •
    Back to Top

     

    Exchange 5.5 relay vulnerability patches

    		 Several vulnerabilities could open Exchange Server 5.5 to SMTP relaying, even if you have implemented anti-relaying measures. See:
  • Microsoft Security Bulletin -- MS02-011 Authentication Flaw Could Allow Unauthorized Users To Authenticate To SMTP Service
  • Microsoft Security Bulletin MS99-027 - Encapsulated SMTP Address Vulnerability
  • XIMS Messages Sent to Encapsulated SMTP Address Are Rerouted Even Though Rerouting Is Disabled  
    •
    Back to Top

     

    Tools

    		 Many of the add-ins listed under Content Control Tools or Anti-virus Tools also include anti-spam functions.
    Back to Top

     

    More Information
  • XFOR: Online Resources for Spam Mail Testing and Information
  • XFOR: Configuring Message Filtering on the Internet Mail Service
  • XIMS Microsoft SMTP Servers May Seem to Accept and Relay E-Mail Messages in Third-Party Tests
  • Open Relay Database -- list of mail servers with open relays, if you want to do DNS lookups to block mail from such machines
    • This page is printer friendly
    Updated Jul 15 2008
    Copyright Slipstick Systems. All rights reserved.
    Send comments using our Feedback page

    Home | What's New | Exchange Server | Outlook | Utilities | Bookstore
    About Slipstick | Feedback | Privacy Policy | Site Map | Archived Pages | Link to Us | Advertise