Hi Matt Thanks for the mail. My server was relay protected and it was tested using telnet. Presently my problem is X user is getting mails from Y user which has not been sent by Y. Both X and Y are in my organization. While I traced the Internet Headers using outlook it is showing it has received from some outside domains. They are sending on behalf of my internal user. I have blocked the at addresses using firewall and IMS message Filtering. Other than this is there any way to stop this ?. Is this is Spamming? Expecting your reply Regards Arif -----Original Message----- From: Walkowiak, Matt [mailto:Matt.Walkowiak@xxxxxxxxxxxx] Sent: Wednesday, June 26, 2002 8:33 PM To: [ExchangeList] Subject: [exchangelist] RE: How to stop telnet access, spamming http://www.MSExchange.org/ - Re-Vamped! Arif- Telnet is just a tool that can have one computer talk to another computer on a specified port. The default port that telnet runs on is 23, but the "standard" telnet program lets one choose what port the user wants to talk on, for instance, 25 for SMTP, 80 for HTTP, 110 for POP3, 113 for AUTH... One of the ways messaging system admins do some quick checks on connectivity is to use telnet to see if they can see an SMTP server out on the Internet. We use the following command: telnet mail.domain.com 25 And we expect to get a 220 response, basically the remote SMTP server saying, "Hello, How's it going?" Another way to use the telnet command is to do a very low-level test to see if an SMTP server is an open relay. These are the commands that we use for this test: telnet mail.domain.com 25 get a 220 response helo localdomain.com get a 250 response (this is a positive response) mail from:asdf@xxxxxxxx (this is some random e-mail addy - doesn't matter other than it needs to be formatted correctly) get a 250 response rcpt to:ARealE-mailAddy@xxxxxxxxxxxxxxx (this is an e-mail addy that you can check - since you are sending an actual message, you want to know if you got the message, right?) get a 550 response - Relaying is prohibited. Ok, the remote SMTP server just yelled at me for trying to exploit it, and put me in my place! So, turning off "telnet" will do nothing good for you. If you turn off port 25, then you would get NO mail, good or bad. To keep your server from being a spam relay, do a search on MS's site for "spam relay". They have a few good articles. I would also bet that msexchange.org has some good stuff, too. If you are trying to stop people sending you spam, that's a little more tricky. Check out imgate.meiway.org - a guy named Len Conrad wrote some good directions on how to use a FreeBSD (or Linux) box running Postfix as an e-mail gateway that scans all mail passing thru it and drops certain messages based on your criteria. Takes a bit of effort to get everything ironed out, but worth it in the long run. Matt Walkowiak -----Original Message----- From: Arif, Aboo M [mailto:Aboo@xxxxxxxxxxxxxxxxxx] Sent: Tuesday, June 25, 2002 10:58 PM To: [ExchangeList] Cc: Periyasamy, Raj Subject: [exchangelist] How to stop telnet access, spamming http://www.MSExchange.org/ - Re-Vamped! Hi I wanted to stop spamming on my mail system exchange 5.5. If I stop telnet access to my mail server whether it will stop Spamming ?. If yes how can I stop telnet access? Whether it will create any problem to incoming mails if I stop telnet on my server? Please help me on this regard. Thanks in Advance. Regards Aboo Arif Emcure Infotech Ltd. 2A/2, Kundan Estate, Bhaupatil Road Bhopodi Pune, Maharashtra 411020 Ph:5817111, 5817428, 29 www.emcureinfotech.com ------------------------------------------------------ You are currently subscribed to this MSExchange.org Discussion List as: matt.walkowiak@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this MSExchange.org Discussion List as: aboo@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')