Spam relay war, day 3 Questions

Spam relay war, day 3 Questions

Post by Ray Turle » Thu, 03 Dec 1998 04:00:00



Ref 1) How do I turn off SMPT relay for hosts outside our domain?  December
02, 1998 1:30 AM, Michael J. Carter
2) Spamer forwarding thru our system.  Help,  November 30, 1998 5:47 PM, Ray
Turley

Still looking for a complete fix for the relay problem.  We are Exchange ver
5.5 pre sp1.  We identified a spamer routing thru us.  We reconfigured in
admin to configuration/connections/IMS/delivery restrictions/ do not
reroute incoming SMTP mail.  No significant problems, and no spam
rerounting.  The guy may have just given up for a while.  After added
research we become concerned we may still be vulnerable.  Tried the test in
http://maps.vix.com/tsi/ and it report we may be vulnerable.  We elected to
try relay restrictions by regestry changes.  Best choice appeared to be the
one that ' Specifies hosts that can relay messages through your server'
(RelayAllowList, REG_MULTI_SZ)  We elected to leave the value blank so no
one was relayed.  This closed the hole.  If you tried, you got a 550
Relaying is prohibited.  But we found it also stopped all Internet in to our
users.  I am looking at the Service Pack 1 htm readme.  It appears SP1 just
automates these regestry changes.  My new questions are:
1) If you did SP1, choose host and clients that can route, and then did not
specify anyone would it also stop Internet mail to internal users?
2) Will it pass the relay test?
3) Could I just specify my exchange server to get the internal users
working?
4) Any better suggestions?

.

 
 
 

Spam relay war, day 3 Questions

Post by oncemywa » Thu, 03 Dec 1998 04:00:00


Quote:>1) If you did SP1, choose host and clients that can route, and then did not
>specify anyone would it also stop Internet mail to internal users?

There is a checkbox in this new "Routing restriction" interface which allows
routing for "Hosts and clients that successfully authenticate"

Quote:>2) Will it pass the relay test?

After applying the restrictions, we did pass the test.

 
 
 

Spam relay war, day 3 Questions

Post by Rich Matheis » Fri, 04 Dec 1998 04:00:00



>Still looking for a complete fix for the relay problem.  We are Exchange ver
>5.5 pre sp1.  

Install SP1. Or get a hot fixed MSEXCIMC.EXE from MS PSS. The RTM code
had problems with the registry data if there was more than one line of
information in any of the REG_MULTI_SZ values.

Quote:>We identified a spamer routing thru us.  We reconfigured in
>admin to configuration/connections/IMS/delivery restrictions/ do not
>reroute incoming SMTP mail.  No significant problems, and no spam
>rerounting.  The guy may have just given up for a while.  After added
>research we become concerned we may still be vulnerable.  Tried the test in
>http://maps.vix.com/tsi/ and it report we may be vulnerable.  

If you disabled rerouting then you aren't vulnerable. Your IMS would
try to deliver the message locally, and fail, but it won't relay.

Quote:>We elected to
>try relay restrictions by regestry changes.  Best choice appeared to be the
>one that ' Specifies hosts that can relay messages through your server'
>(RelayAllowList, REG_MULTI_SZ)  We elected to leave the value blank so no
>one was relayed.  This closed the hole.  If you tried, you got a 550
>Relaying is prohibited.  But we found it also stopped all Internet in to our
>users.  

Try this combination:

RelayFlags = 0x2
RelayAllowList = your IMS's IP address

Quote:>I am looking at the Service Pack 1 htm readme.  It appears SP1 just
>automates these regestry changes.  

It also fixed the bugs in the IMS.

Quote:>My new questions are:
>1) If you did SP1, choose host and clients that can route, and then did not
>specify anyone would it also stop Internet mail to internal users?
>2) Will it pass the relay test?
>3) Could I just specify my exchange server to get the internal users
>working?
>4) Any better suggestions?

See above.

----------------------------------------------------------------
Richard Matheisen                           Wang Laboratories
Microsoft Certified System Engineer         Tewksbury, MA USA