RE: open relay on Exchange 2000

  • From: "Mark Fugatt" <mark@xxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Wed, 4 Sep 2002 17:49:59 -0400

They cannot just make up a username and password, it has to be a real
username and password.

Mark Fugatt
Pentech Office Solutions Inc
www.4mcts.com
www.exchangetrainer.com
Tel:  585 586 3890
Fax: 585 249 0316
Cell: 585 576 4750
Visit www.msexchange.org for valuable information about Microsoft Exchange


-----Original Message-----
From: maplesoft@xxxxxxxxxxxxx [mailto:maplesoft@xxxxxxxxxxxxx]
Sent: Wednesday, September 04, 2002 5:49 PM
To: [ExchangeList]
Subject: [exchangelist] open relay on Exchange 2000


http://www.MSExchange.org/

We have recently set up Exchange 2000. We wanted to make sure we did not
have
any open relays and followed the instructions given in Mark Fugatt's
article:
"Understanding Relaying and Spam with Exhange 2000."

Testing with the telnet session is successful, however, if a spammer really
wants to use our server, all they need  to do is setup an Outlook Express
client with a bogus email address, tell OE to authenticate to our smtp
server
and provide a bogus username and password and the email will be relayed.

I do not know what we missed, but we must have missed something.  If anyone
has any ideas, we would greatly appreciated them.

Thanks,
Scot

------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as:
mark@xxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')





Other related posts: