Disable unauthorized SMTP Relay within Domain

Hi All,

We have Exchange 2013 SP1 infrastructure on top of Windows Server 2012 R2. We have a DAG and CAS NLB clusters.

Anyone can relay Emails from my SMTP to all users within my domain without authentication.However no one can send emails outside my domain (external Emails without authentication).

All these emails are sent through Default Front end Receive Connector, and we cannot Disable Anonymous Users from connector security settings as by doing this we will not receive emails from External World. Please refer the attached snapshot.

Need your suggestion to implement SMTP security to restrict Unauthorized SMTP Relay.

May 7th, 2015 5:38am

"Anyone can relay Emails from my SMTP to all users within my domain without authentication."

That's not relay, that's submission.  Relay means send mail through your servers to recipients outside your organization, e.g., the Internet.

http://lmgtfy.com/?q=enable+smtp+relay+exchange+20

May 8th, 2015 12:38am

Thank you for your reply.

I am sorry if I was not clear in  the last post. Is their a was to stop this unauthorized Submission?

Like if my domain is xyz.com users that exists on my exchange servers can only submit emails, if someone try's to use a user name john@abc.com should not be submitted. Is there a way to restrict this?

Thanks

May 8th, 2015 7:51am

Hi ,

Why don't we restrict the "remote network settings" on the receive connector to only authorized ip address to receive emails on the "default receive connector"over port no 25 .

Free Windows Admin Tool Kit Click here and download it now
May 8th, 2015 8:02am

The parameter is "RemoteIPRanges".  The way to stop unauthorized hosts from connecting is to only allow those that you authorize using that parameter.
May 8th, 2015 11:31am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics