RE: How to log SMTP AUTH traffic

  • From: Raji Arulambalam <rajia@xxxxxxxxxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 20 Oct 2003 10:59:14 +1300

Hi

Thanks Tom.

---------------------------------------------
Raji Arulambalam       
Senior Systems Administrator          
Environment Bay of Plenty - Regional Council
5 Quay Street, P O Box 364, Whakatane, New Zealand
--------------------------------------------
Why isn't there mouse-flavored cat food?



-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Monday, October 20, 2003 10:48 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: How to log SMTP AUTH traffic


http://www.ISAserver.org

Hi Raji,

Remove the AUTH verb from the SMTP filter's list.  Anonymous inbound
relays to domains under your adminsitrative control should never allow
authentication. 

HTH,
Tom

Thomas W Shinder
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp

 


-----Original Message-----
From: Raji Arulambalam [mailto:rajia@xxxxxxxxxxxxxx] 
Sent: Sunday, October 19, 2003 4:44 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] How to log SMTP AUTH traffic


http://www.ISAserver.org

Hi

How can I configure ISA server to log  SMTP AUTH traffic hitting the
server.??  To set up an alert to warn of an attack.

Its a new form of spammers attack to get logon authentication to gain
access
to relaying in Exchange 2000/2003.

---------------------------------------------
Raji Arulambalam       
Senior Systems Administrator          
Environment Bay of Plenty - Regional Council
5 Quay Street, P O Box 364, Whakatane, New Zealand
--------------------------------------------

Email disclaimer: This email and any attachments are confidential. If you are 
not the intended recipient, do not copy, disclose or use the contents in any 
way. If you receive this message in error, please let us know by return email 
and then destroy the message. Environment Bay of Plenty is not responsible for 
any changes made to this message and/or any attachments after sending.
******************************************************
This e-mail has been checked for viruses and no viruses were detected.

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 10-2003