Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: Problems with Exchange 2000 as open relay
From: Richard Buckingham (richardSTAMPS.COM)
Date: Tue Dec 16 2003 - 18:14:39 CST
Few would ever need to configure a firewall to NAT like that (both the
source and destination address) the source IP address of an incoming
packet never changes through a typical (simple) firewall NAT. These are
basic concepts of NAT and Routing TCP/IP.
Also, in reply to Stanley... by turning off Authentication you do not
have to break POP3/IMAP users... create a 2nd Virtual server on the same
machine with only authenticated access (do not allow anonymous) and
publish it through a 2nd external IP, then you have one IP for inbound
SMTP and another for your remote authenticated users to use IMAP/POP3
and relay SMTP.
Rotaiv said that he turned off the "allow authenticated user.." option,
as this will cause authenticated relaying if anonymous access is granted
(which it is by default.)
Most viruses these days use spoofed email addresses. As such, using an Anti-
Virus product which automatically notifies the perceived sender of a message
it believes is infected may well cause more harm than good. Someone who did
not actually send you a virus may receive the notification and scramble
their support staff to find an infection which never existed in the first
place. Suggest such notifications be disabled by whomever is responsible for
your AV, or at least that the idea is considered.