Our mail server is an open relay. Every time I try to prevent relaying
I also prevent all of the email clients on the LAN from sending email.
Our email server is a NT 4.0SP6 box running Exchange 5.5 SP4.
The 'Hosts and clients with these IP addresses' routing restriction is
causing me grief. In order to prevent relaying I need to check this
checkbox. However, checking this checkbox also prevents all of the
email clients on the LAN from sending email. At first I checked the
'Hosts and clients with these IP addresses' checkbox and left the list
of IP addresses empty. Although this prevented relaying it also
prevented email clients on the LAN from sending email. Then I checked
this checkbox and built a list of local IP addresses, but sadly met
with the same result. The only alternative seems to be an open relay,
which is really evil.
In search of some insight I telnetted to our email server on port 25.
I tried to send an email to myself, but the email server rejected me.
220 ESMTP spoken here
250 xxxx.xxxxxxx.xxx Hello [192.168.1.199]
mail from: xxxxxx.xxxxxxx.xxx
250 xxxxxx.xxxxxxx.xxx....Sender OK
rcpt to: xxxxxx.xxxxxxx.xxx
550 Unable to relay for xxxxxx.xxxxxxx.xxx
I thought that email clients on the LAN would be unaffected by mail
relay settings. Therefore I thought that I would be able to send an
email to myself, but I was unable. I read the article 'Is Your
Exchange Server Relay Secure?' and various technet articles but they
didn't give me any further insight. I'm confused, and any help would
really be appreciated.