| Author |
Message |
Bill
Guest
|
 Posted:
Tue Jan 04, 2005 9:43 am Post subject:
POP3 access |
|
|
Got the Spam Relay stopped, now nobody who can authenticate can relay either.
Running Svr3k and exch3k. All Outlook clients are 2003. SPs and Critical
Security in place. Need Help........
--
Many thanks,
Bill
|
|
| Back to top |
|
 |
Lanwench [MVP - Exchange]
Guest
|
| Posted:
Tue Jan 04, 2005 11:27 pm Post subject:
Re: POP3 access |
|
|
Bill wrote:
| Quote: | Got the Spam Relay stopped, now nobody who can authenticate can relay
either. Running Svr3k and exch3k. All Outlook clients are 2003. SPs
and Critical Security in place. Need Help........
|
Who actually needs to relay?
If you have external POP/IMAP users, you can always have them use their
ISP's SMTP server for outbound mail. Internal clients should be using
Outlook/MAPI to connect directly to the mailbox and don't need to relay -
are you hosting all your mail directly on the Exchange server? If you're
using POP mail in Outlook, you can either a) allow all addresses on your
local IP subnet to relay or b) better still ditch this setup and host your
own mail.
If you really want to re-enable authenticated relay for some reason, and had
previously shut it off because it was being exploited, you need to make sure
you do something about your account/password policies.
See http://www.vamsoft.com/orf/authattack.asp
If you don't have strong/complex password policies enabled, force regular
password changes, have enabled guest, etc., someone may exploit
authenticated relay. |
|
| Back to top |
|
|
Bill
Guest
|
| Posted:
Wed Jan 05, 2005 3:55 am Post subject:
RE: POP3 access |
|
|
We host our own mail and use Exchange Server for mail on the LAN. We have
numerous employees around the country that need to access their mail on our
server. If I understand correctly, they can use their own ISP's mail server
for outgoing mail, our POP3 and we can completely eliminate the relay. Or
would RPC over HTTP be a better option?
"Bill" wrote:
| Quote: | Got the Spam Relay stopped, now nobody who can authenticate can relay either.
Running Svr3k and exch3k. All Outlook clients are 2003. SPs and Critical
Security in place. Need Help........
--
Many thanks,
Bill |
|
|
| Back to top |
|
|
Lanwench [MVP - Exchange]
Guest
|
| Posted:
Wed Jan 05, 2005 10:39 pm Post subject:
Re: POP3 access |
|
|
Bill wrote:
| Quote: | We host our own mail and use Exchange Server for mail on the LAN. We
have numerous employees around the country that need to access their
mail on our server. If I understand correctly, they can use their
own ISP's mail server for outgoing mail, our POP3 and we can
completely eliminate the relay.
|
Yep.
| Quote: | Or would RPC over HTTP be a better
option?
|
If you want them to have the "full Outlook/Exchange experience", yes, I'd
say so - they all need to be running XP SP1 or SP2. If they don't need
anything but e-mail, and you don't care if their data is stored on your
server (for backup/maintenance/legal reasons, whatnot), POP is fine also.
There's also OWA (but if they use POP also and have been, ain't nothin to
see in OWA, probably)
| Quote: |
"Bill" wrote:
Got the Spam Relay stopped, now nobody who can authenticate can
relay either. Running Svr3k and exch3k. All Outlook clients are
2003. SPs and Critical Security in place. Need Help........
--
Many thanks,
Bill |
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in