We have a customer with a Windows 2003 x64 server running Exchange 2007, The company who provide the spam filtering for thiscustomer have reported the exchange server to be an open relay. The reason they report this is that the server responds in the following manner. If you telnet to the exchange server (internal or external) on port 25 and issue the following commands with suitable domains: in this case the server is for the domain athirddomain.com helo mail from: anyaddress@adomain.com rcpt to: "anaddress@aseconddomain.com"@athirddomain.com data anything you like its just text . This will queue the email and it will be delivered to anaddress@aseconddomain.com The followingalso appears to work: helo mail from: anyaddress@adomain.com rcpt to: aseconddomain!anaddress@athirddomain.com data anything you like its just text . This will queue the email and it will be delivered to anaddress@aseconddomain.com Has anyone else encountered this and how can we stop it?

Hi, I would like to confirm whether the athirddomain.com is the trust domain or internal domain of the Exchange server 2007. If so, that is normal when running telnet command to simulate the email. To open the relay permission to Anonymous, we need to grant the ms-Exch-SMTP-Accept-Any-Recipient permission to the Anonymous user on the Receive connector. If this permission isn't granted, only messages addressed to recipients in accepted domains are accepted by this connector. That means the relay is only for the authentication user. To confirm whether the current Exchange server has opened the relay permission, please run the following command: Get-adpermission identity Receive Connector user NT AUTHORITY\ANONYMOUS LOGON |FL Please check whether the ExtendedRights has opened for ms-Exch-SMTP-Accept-Any-Recipient For more information, please refer to: Allowing application servers to relay off Exchange Server 2007 http://msexchangeteam.com/archive/2006/12/28/432013.aspx Thanks Allen