SMTP Vitrual Server---Relay question ( SPAM )

SMTP Vitrual Server---Relay question ( SPAM )

Post by BG » Fri, 29 Mar 2002 00:45:17



What is the best practice to lock out Spammers, yet still be able to receive
outside emails and service remote users?

I have one Ex2K w/ SP2 running on Win2K w/SP2.

 
 
 

SMTP Vitrual Server---Relay question ( SPAM )

Post by <david.b.. » Fri, 29 Mar 2002 01:30:03


Well you probably should not have your Exchange server be
the external gateway that can actually be connected to
from the Internet. Best practice is to have something like
MIME Sweeper or WebShield be your visable SMTP gateways to
the internet as those kind of products give you lots of
anti-spamming options when compared to standard Exchange.
Still if you have to have Exchange as your gateway make
sure that you go to your virtual SMTP server properties
and on the access tab you will see a "relay" button.  Hit
this button and configure the dialog box so that you
have "only the list below" and "allow all computers which
successfully authenticate to relay regardless of the list
above" both selected.  Once this is applied other E2k
servers in your domain will be able to relay off of the
SMTP server but nothing external will unless you add the
machines IP address into the list.
Also on the "access" tab is the "connection" button so hit
this and make sure you have selected "all except the list
below".  Then if a partcular domain or IP address starts
to send lots of spam to your users you can add them into
this list.

Quote:>-----Original Message-----

>What is the best practice to lock out Spammers, yet still
be able to receive
>outside emails and service remote users?

>I have one Ex2K w/ SP2 running on Win2K w/SP2.

>.


 
 
 

SMTP Vitrual Server---Relay question ( SPAM )

Post by BG » Fri, 29 Mar 2002 11:22:42


Thank you for responding.
Currently our exchange is the Gateway.  I have Only the list below and Allow
all computers which successfully authenticate to relay, regardless of the
list above.
However, the relay still appears to be open.
Anonymous is checked in the Authentication section, therefore all computers
authenticate.
If I uncheck Anonymous, no outside mail is permitted at all.


Quote:> Well you probably should not have your Exchange server be
> the external gateway that can actually be connected to
> from the Internet. Best practice is to have something like
> MIME Sweeper or WebShield be your visable SMTP gateways to
> the internet as those kind of products give you lots of
> anti-spamming options when compared to standard Exchange.
> Still if you have to have Exchange as your gateway make
> sure that you go to your virtual SMTP server properties
> and on the access tab you will see a "relay" button.  Hit
> this button and configure the dialog box so that you
> have "only the list below" and "allow all computers which
> successfully authenticate to relay regardless of the list
> above" both selected.  Once this is applied other E2k
> servers in your domain will be able to relay off of the
> SMTP server but nothing external will unless you add the
> machines IP address into the list.
> Also on the "access" tab is the "connection" button so hit
> this and make sure you have selected "all except the list
> below".  Then if a partcular domain or IP address starts
> to send lots of spam to your users you can add them into
> this list.

> >-----Original Message-----

> >What is the best practice to lock out Spammers, yet still
> be able to receive
> >outside emails and service remote users?

> >I have one Ex2K w/ SP2 running on Win2K w/SP2.

> >.

 
 
 

SMTP Vitrual Server---Relay question ( SPAM )

Post by <david.b.. » Fri, 29 Mar 2002 18:49:37


Do you have "Allow messages to be relayed to these
Domains" on your SMTP connector?  If you do try un-
checking this check box and re-test relaying. If you have
a connector where the address space is basically
everything e.g. * then this can overide the relaying
restrictions set on the SMTP virtual server itself.

Quote:>-----Original Message-----
>Thank you for responding.
>Currently our exchange is the Gateway.  I have Only the

list below and Allow
Quote:>all computers which successfully authenticate to relay,
regardless of the
>list above.
>However, the relay still appears to be open.
>Anonymous is checked in the Authentication section,

therefore all computers
>authenticate.
>If I uncheck Anonymous, no outside mail is permitted at
all.



>> Well you probably should not have your Exchange server
be
>> the external gateway that can actually be connected to
>> from the Internet. Best practice is to have something
like
>> MIME Sweeper or WebShield be your visable SMTP gateways
to
>> the internet as those kind of products give you lots of
>> anti-spamming options when compared to standard
Exchange.
>> Still if you have to have Exchange as your gateway make
>> sure that you go to your virtual SMTP server properties
>> and on the access tab you will see a "relay" button.  
Hit
>> this button and configure the dialog box so that you
>> have "only the list below" and "allow all computers
which
>> successfully authenticate to relay regardless of the
list
>> above" both selected.  Once this is applied other E2k
>> servers in your domain will be able to relay off of the
>> SMTP server but nothing external will unless you add the
>> machines IP address into the list.
>> Also on the "access" tab is the "connection" button so
hit
>> this and make sure you have selected "all except the
list
>> below".  Then if a partcular domain or IP address starts
>> to send lots of spam to your users you can add them into
>> this list.

>> >-----Original Message-----

>> >What is the best practice to lock out Spammers, yet
still
>> be able to receive
>> >outside emails and service remote users?

>> >I have one Ex2K w/ SP2 running on Win2K w/SP2.

>> >.

>.

 
 
 

SMTP Vitrual Server---Relay question ( SPAM )

Post by <david.b.. » Fri, 29 Mar 2002 19:03:08


It may be worth also checking that you genuinely are still
open to relays before taking off the relay option in the
connector.  Try and relay to something like a hotmail
account.  In certain circumstances the Exchange server
looks like it is relaying because it seems to except the
mail but you will actually find it still does not relay.

>-----Original Message-----
>Do you have "Allow messages to be relayed to these
>Domains" on your SMTP connector?  If you do try un-
>checking this check box and re-test relaying. If you have
>a connector where the address space is basically
>everything e.g. * then this can overide the relaying
>restrictions set on the SMTP virtual server itself.

>>-----Original Message-----
>>Thank you for responding.
>>Currently our exchange is the Gateway.  I have Only the
>list below and Allow
>>all computers which successfully authenticate to relay,
>regardless of the
>>list above.
>>However, the relay still appears to be open.
>>Anonymous is checked in the Authentication section,
>therefore all computers
>>authenticate.
>>If I uncheck Anonymous, no outside mail is permitted at
>all.



>>> Well you probably should not have your Exchange server
>be
>>> the external gateway that can actually be connected to
>>> from the Internet. Best practice is to have something
>like
>>> MIME Sweeper or WebShield be your visable SMTP
gateways
>to
>>> the internet as those kind of products give you lots of
>>> anti-spamming options when compared to standard
>Exchange.
>>> Still if you have to have Exchange as your gateway make
>>> sure that you go to your virtual SMTP server properties
>>> and on the access tab you will see a "relay" button.  
>Hit
>>> this button and configure the dialog box so that you
>>> have "only the list below" and "allow all computers
>which
>>> successfully authenticate to relay regardless of the
>list
>>> above" both selected.  Once this is applied other E2k
>>> servers in your domain will be able to relay off of the
>>> SMTP server but nothing external will unless you add
the
>>> machines IP address into the list.
>>> Also on the "access" tab is the "connection" button so
>hit
>>> this and make sure you have selected "all except the
>list
>>> below".  Then if a partcular domain or IP address
starts
>>> to send lots of spam to your users you can add them
into
>>> this list.

>>> >-----Original Message-----

>>> >What is the best practice to lock out Spammers, yet
>still
>>> be able to receive
>>> >outside emails and service remote users?

>>> >I have one Ex2K w/ SP2 running on Win2K w/SP2.

>>> >.

>>.

>.

 
 
 

SMTP Vitrual Server---Relay question ( SPAM )

Post by BG » Sat, 30 Mar 2002 00:37:01


Thank you very much for all your help!!


> It may be worth also checking that you genuinely are still
> open to relays before taking off the relay option in the
> connector.  Try and relay to something like a hotmail
> account.  In certain circumstances the Exchange server
> looks like it is relaying because it seems to except the
> mail but you will actually find it still does not relay.

> >-----Original Message-----
> >Do you have "Allow messages to be relayed to these
> >Domains" on your SMTP connector?  If you do try un-
> >checking this check box and re-test relaying. If you have
> >a connector where the address space is basically
> >everything e.g. * then this can overide the relaying
> >restrictions set on the SMTP virtual server itself.

> >>-----Original Message-----
> >>Thank you for responding.
> >>Currently our exchange is the Gateway.  I have Only the
> >list below and Allow
> >>all computers which successfully authenticate to relay,
> >regardless of the
> >>list above.
> >>However, the relay still appears to be open.
> >>Anonymous is checked in the Authentication section,
> >therefore all computers
> >>authenticate.
> >>If I uncheck Anonymous, no outside mail is permitted at
> >all.



> >>> Well you probably should not have your Exchange server
> >be
> >>> the external gateway that can actually be connected to
> >>> from the Internet. Best practice is to have something
> >like
> >>> MIME Sweeper or WebShield be your visable SMTP
> gateways
> >to
> >>> the internet as those kind of products give you lots of
> >>> anti-spamming options when compared to standard
> >Exchange.
> >>> Still if you have to have Exchange as your gateway make
> >>> sure that you go to your virtual SMTP server properties
> >>> and on the access tab you will see a "relay" button.
> >Hit
> >>> this button and configure the dialog box so that you
> >>> have "only the list below" and "allow all computers
> >which
> >>> successfully authenticate to relay regardless of the
> >list
> >>> above" both selected.  Once this is applied other E2k
> >>> servers in your domain will be able to relay off of the
> >>> SMTP server but nothing external will unless you add
> the
> >>> machines IP address into the list.
> >>> Also on the "access" tab is the "connection" button so
> >hit
> >>> this and make sure you have selected "all except the
> >list
> >>> below".  Then if a partcular domain or IP address
> starts
> >>> to send lots of spam to your users you can add them
> into
> >>> this list.

> >>> >-----Original Message-----

> >>> >What is the best practice to lock out Spammers, yet
> >still
> >>> be able to receive
> >>> >outside emails and service remote users?

> >>> >I have one Ex2K w/ SP2 running on Win2K w/SP2.

> >>> >.

> >>.

> >.

 
 
 

SMTP Vitrual Server---Relay question ( SPAM )

Post by Craig Matthew » Sat, 20 Apr 2002 05:36:37


What has really helped me get rid of spam is filtering for:

Subject Line: [4 consecutive blank spaces]
Message Body:  "to unsubscribe"    or   "remove in the subject line"  and
anything else
that the law requires spammers to put in their spam.  In addition -- this
works really good because these spammers put that *into their email just
to make it legit.  Another good one to to filter for is "This is not spam"

Works great here.  If there are legit mailing lists you don't want filtered,
make a rule to check for them that bypasses the spam filter rule.

Craig


Quote:

> What is the best practice to lock out Spammers, yet still be able to
receive
> outside emails and service remote users?

> I have one Ex2K w/ SP2 running on Win2K w/SP2.

 
 
 

1. SMTP Relay Spam Prevention Question

I just installed an Exchange 2000 with SP1 email server on Windows 2000. I
want to prevent my mail relay from allowing anonymous people on the internet
from using my mail server as a relay for them to send somewhere else. In
Exchange 5.5 there was a setting called "Do not reroute incoming SMTP mail".
Where is this or its equivilant in 2000?

I tried setting relay restrictions in the SMTP protocol. Allow only the list
below, and put my exchange server in that list. This caused all incoming
email to be bounced saying:


<ipaddress> does not like recipient.

Giving up on <ipaddress>

I also tried playing with the authentication methods but no joy...

What or how can you do this with Exchange 2000?

Thanks in advance for
Chaozz

2. Out Of Office Doesn't Work

3. Installing MS Exchange

4. User removed form group but still receives mail for group.

5. HELP!:Mail stuck in vitrual smtp server

6. IMS Service time to connect prob??

7. Prevent using my SMTP/Proxy Server as a mail relay server for other's spam

8. questions on internet email relay, spam, ex2k server

9. Relay Question - Junk Email and Spam

10. Spam relay war, day 3 Questions

11. SPAM! Relay question