RE: Using SMTP Engine from outside the network

  • From: "Carl Houseman" <c.houseman@xxxxxxxxx>
  • To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
  • Date: Sun, 15 Jan 2006 21:34:08 -0500

It may or may not be "normal" (i.e. "default") depending on your version of
Exchange.  The feature you have left enabled (Exchange 5.5) or accidentally
enabled (Exchange 200x) is called "relay".

Information on turning it off:

If the above isn't sufficient, then identify your version of Exchange for
more specific instruction.

You might also check to see if your mail system's outside IP address has
been blacklisted.  If so, it means your mail system has been used for
sending spam.  Use "Spam database lookup"

Even permitting relay just to authorized users is hazardous and can leave
your mail system open to abuse from unauthorized parties, unless you ensure
that authorized relayers have very strong passwords.

-----Original Message-----
From: Bryan [mailto:mjtech@xxxxxxxxx] 
Sent: Sunday, January 15, 2006 9:10 PM
To: [ExchangeList]
Subject: [exchangelist] Using SMTP Engine from outside the network

Hi all,

I was working on a batch file to make it run ipconfig /all create a text
file with the result and email it to me.
While working on it I discovered that I was able to use our SMTP engine
from outside without any authentication, like this:

commail.exe -from=MyEmail1@xxxxxxxxxxxxxxx

Is this normal?

How can I secure it so it would only be used by authorized personels.


Other related posts: