| Author |
Message |
TOP
Guest
|
 Posted:
Wed Jan 19, 2005 6:22 am Post subject:
Followed the KBs but still an Open Relay? |
|
|
I followed the instructions to test whether my SBS server was an open relay.
The test indicated that it was. (opened telnet port 25... mail from:
spammer@spam.com... rcpt to: addy@anydomain.com... Result was 250 2.1.5
addy@anydomain.com)
I followed the instructions in KB 324958 to reset Exchange to default
settings, which supposedly do not allow open relaying. I made the following
two changes:
1) SMTP Virtual Directory, Access Tab, Relaying button: I checked the box to
allow authenticated users to relay regardless of their IP. (I'm not sure I
wanted to do this, as one way to be used as a relay is to have an account
hijacked by spammers and email was working fine with this box cleared)
2) Same window: I deleted 127.0.0.1 from the list of IPs that were allowed
access. (SBS Server's internal IP address was also there, and KB said to
leave it)
So the server is supposedly returned to its default state, which does not
allow relaying. But I tried the telnet test again and got the same result.
(250 addy@anydomain.com) It did not say "unable to relay for
addy@anydomain.com."
I turned on logging for the smtp transport. I'm receiving a number of SMTP
errors in the logs, including "unable to relay for..." (along with "need to
authenticate first" and "temporary lookup failure") but the 'telnet test'
says I'm still open, and I keep seeing open connections in the Virtual
Server that don't appear to be coming from any of my remote users.
The KB was for Exchange 2000. Would I need different settings for 2003? |
|
| Back to top |
|
 |
Jim Behning SBS MV
Guest
|
| Posted:
Wed Jan 19, 2005 6:46 am Post subject:
Re: Followed the KBs but still an Open Relay? |
|
|
I clear the checkmark for authenticated users.
Make sure the guest account is disabled. Make sure everyone has real
passwords.
The article you cited is what the tech support people will follow if
you call in for support. At least for Exchange 2000.
I found a few articles when I search support.microsoft.com key words
open relay exchange
http://www.microsoft.com/technet/prodtechnol/exchange/ExBPA/6d2c9c82-bcc2-4261-a30d-90536577c873.mspx
http://support.microsoft.com/default.aspx?scid=kb;en-us;304897
http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm
"TOP" <speaker910@hotmail.com> wrote:
| Quote: | I followed the instructions to test whether my SBS server was an open relay.
The test indicated that it was. (opened telnet port 25... mail from:
spammer@spam.com... rcpt to: addy@anydomain.com... Result was 250 2.1.5
addy@anydomain.com)
I followed the instructions in KB 324958 to reset Exchange to default
settings, which supposedly do not allow open relaying. I made the following
two changes:
1) SMTP Virtual Directory, Access Tab, Relaying button: I checked the box to
allow authenticated users to relay regardless of their IP. (I'm not sure I
wanted to do this, as one way to be used as a relay is to have an account
hijacked by spammers and email was working fine with this box cleared)
2) Same window: I deleted 127.0.0.1 from the list of IPs that were allowed
access. (SBS Server's internal IP address was also there, and KB said to
leave it)
So the server is supposedly returned to its default state, which does not
allow relaying. But I tried the telnet test again and got the same result.
(250 addy@anydomain.com) It did not say "unable to relay for
addy@anydomain.com."
I turned on logging for the smtp transport. I'm receiving a number of SMTP
errors in the logs, including "unable to relay for..." (along with "need to
authenticate first" and "temporary lookup failure") but the 'telnet test'
says I'm still open, and I keep seeing open connections in the Virtual
Server that don't appear to be coming from any of my remote users.
The KB was for Exchange 2000. Would I need different settings for 2003?
|
Jim B. SBS Community Member
remove the mvp to send email |
|
| Back to top |
|
|
John Carrillo
Guest
|
| Posted:
Wed Jan 19, 2005 6:46 am Post subject:
Re: Followed the KBs but still an Open Relay? |
|
|
Make sure you are testing from outside your network and not from the inside.
"TOP" <speaker910@hotmail.com> wrote in message
news:uI2$a0b$EHA.2016@TK2MSFTNGP15.phx.gbl...
| Quote: | I followed the instructions to test whether my SBS server was an open
relay. The test indicated that it was. (opened telnet port 25... mail from:
spammer@spam.com... rcpt to: addy@anydomain.com... Result was 250 2.1.5
addy@anydomain.com)
I followed the instructions in KB 324958 to reset Exchange to default
settings, which supposedly do not allow open relaying. I made the
following two changes:
1) SMTP Virtual Directory, Access Tab, Relaying button: I checked the box
to allow authenticated users to relay regardless of their IP. (I'm not
sure I wanted to do this, as one way to be used as a relay is to have an
account hijacked by spammers and email was working fine with this box
cleared)
2) Same window: I deleted 127.0.0.1 from the list of IPs that were allowed
access. (SBS Server's internal IP address was also there, and KB said to
leave it)
So the server is supposedly returned to its default state, which does not
allow relaying. But I tried the telnet test again and got the same result.
(250 addy@anydomain.com) It did not say "unable to relay for
addy@anydomain.com."
I turned on logging for the smtp transport. I'm receiving a number of SMTP
errors in the logs, including "unable to relay for..." (along with "need
to authenticate first" and "temporary lookup failure") but the 'telnet
test' says I'm still open, and I keep seeing open connections in the
Virtual Server that don't appear to be coming from any of my remote users.
The KB was for Exchange 2000. Would I need different settings for 2003?
|
|
|
| Back to top |
|
|
TOP
Guest
|
| Posted:
Thu Jan 20, 2005 12:17 am Post subject:
Re: Followed the KBs but still an Open Relay? |
|
|
Thanks for the responses.
The guest account is disabled, but I was doing the testing from within the
network. I'll try it from home this evening. I've also registered with
abuse.net, but haven't tested through their site yet.
"Jim Behning SBS MVP" <jimbehingmvp@mindspring.com> wrote in message
news:6epru0db7hmm9dp7d7m5bbvpeq6la4l1dc@4ax.com...
| Quote: | I clear the checkmark for authenticated users.
Make sure the guest account is disabled. Make sure everyone has real
passwords.
The article you cited is what the tech support people will follow if
you call in for support. At least for Exchange 2000.
I found a few articles when I search support.microsoft.com key words
open relay exchange
http://www.microsoft.com/technet/prodtechnol/exchange/ExBPA/6d2c9c82-bcc2-4261-a30d-90536577c873.mspx
http://support.microsoft.com/default.aspx?scid=kb;en-us;304897
http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm
"TOP" <speaker910@hotmail.com> wrote:
I followed the instructions to test whether my SBS server was an open
relay.
The test indicated that it was. (opened telnet port 25... mail from:
spammer@spam.com... rcpt to: addy@anydomain.com... Result was 250 2.1.5
addy@anydomain.com)
I followed the instructions in KB 324958 to reset Exchange to default
settings, which supposedly do not allow open relaying. I made the
following
two changes:
1) SMTP Virtual Directory, Access Tab, Relaying button: I checked the box
to
allow authenticated users to relay regardless of their IP. (I'm not sure I
wanted to do this, as one way to be used as a relay is to have an account
hijacked by spammers and email was working fine with this box cleared)
2) Same window: I deleted 127.0.0.1 from the list of IPs that were allowed
access. (SBS Server's internal IP address was also there, and KB said to
leave it)
So the server is supposedly returned to its default state, which does not
allow relaying. But I tried the telnet test again and got the same result.
(250 addy@anydomain.com) It did not say "unable to relay for
addy@anydomain.com."
I turned on logging for the smtp transport. I'm receiving a number of SMTP
errors in the logs, including "unable to relay for..." (along with "need
to
authenticate first" and "temporary lookup failure") but the 'telnet test'
says I'm still open, and I keep seeing open connections in the Virtual
Server that don't appear to be coming from any of my remote users.
The KB was for Exchange 2000. Would I need different settings for 2003?
Jim B. SBS Community Member
remove the mvp to send email |
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in