• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Don't Be a Spam Relay Site

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Misc.] >> Tips & Tricks >> Don't Be a Spam Relay Site Page: [1]
Login
Message << Older Topic   Newer Topic >>
Don't Be a Spam Relay Site - 28.Jul.2001 6:34:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
When you configure your mail publishing solution, make sure that your configuration does not allow for mail relay. If you do, you'll notice a lot of traffic on your external interface from spammers using your site as a relay.

Here's helpful post on testing your relay configuration:

Also, (sorry for going slightly off-topic, Tom!) this is a great link to test to make sure your mailserver isn't relaying mail -- definitely worth your time running. http://www.mail-abuse.org/tsi/ar-test.html

Take care,
Mike

------------------
Michael J. van Zwieten
MCSE [NT4] (W2K WANNABE)
mvanzwieten@flcities.com
\\\\\\\\\\\\\\\
===========================

HTH,
Tom

------------------
http://www.isaserver.org/shinder/



Get It Here!

Post #: 1
RE: Don't Be a Spam Relay Site - 11.Dec.2001 5:26:00 PM   
hAkron

 

Posts: 40
Joined: 22.Mar.2001
From: Akron, OH, USA
Status: offline
Exchange 4.0 & 5.0 do not allow selective mail relay...You'll need to upgrade if you have one of these connected to the internet.

Exchange 5.5 is not configured out of the box to block relay, but you can alter your relay settings via the registry, or if you have Exchange 5.5 sp2 or higher you can change your relay settings from the Exchange Administrator program.

Exchange 2000 blocks relay by default

Newer versions of sendmail also block relay by default

If you have external users who MUST send across your mail server, set your relay to allow relay to users who successfully authenticate (AUTH)

Another workaround is to set your external users to send through their ISP's SMTP server, and recieve mail from your server (POP3). Normally if you are on your ISP's network you'll be able to send through their servers without supplying your credentials.


(in reply to tshinder)
Post #: 2
RE: Don't Be a Spam Relay Site - 11.Dec.2001 7:24:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi H,

Good tips!

However, something to watch out for is that the SMTP application filter won't work with AUTH.

Thanks!

Tom

------------------
http://www.isaserver.org/shinder/


Get It Here!


(in reply to tshinder)
Post #: 3
RE: Don't Be a Spam Relay Site - 3.Feb.2002 10:26:00 PM   
aymanra

 

Posts: 9
Joined: 3.Feb.2002
Status: offline
speaking of mail spam, a common method nowadays is using unsecure SOCKS proxies/1080 for email spamming.

Make sure that your SOCKS proxies allow only authenticated users and/or restrict port redirections.


(in reply to tshinder)
Post #: 4
RE: Don't Be a Spam Relay Site - 4.Feb.2002 8:43:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi aymanra,

Good point! That's why I alwasy recommend disabling the SOCKS proxy as a security measure.

Thanks!

Tom

------------------
http://www.isaserver.org/shinder/


Get It Here!


(in reply to tshinder)
Post #: 5
RE: Don't Be a Spam Relay Site - 6.Feb.2002 8:56:00 PM   
msonnentag

 

Posts: 63
Joined: 7.Jan.2002
From: Minneapolis, MN
Status: offline
Also, if you've upgraded to Exchange 2K from Exchange 5.5 - Remember to get rid of any SMTP connectors that were needed as part of that migration!

(in reply to tshinder)
Post #: 6
RE: Don't Be a Spam Relay Site - 5.Mar.2002 1:56:00 AM   
mbrassart

 

Posts: 5
Joined: 5.Mar.2002
From: Mexico
Status: offline
Tom I have installed service pack 1 does the filter now work with AUTH

Thank you

Max

quote:
Originally posted by tshinder:
Hi H,

Good tips!

However, something to watch out for is that the SMTP application filter won't work with AUTH.

Thanks!

Tom



(in reply to tshinder)
Post #: 7
RE: Don't Be a Spam Relay Site - 5.Mar.2002 7:08:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Max,

Service Pack 1a does not support AUTH. The first version of the SP did, but it apparently broke something else.

HTH,
Tom

(in reply to tshinder)
Post #: 8
RE: Don't Be a Spam Relay Site - 21.Mar.2002 6:45:00 PM   
IanUK

 

Posts: 4
Joined: 9.Mar.2002
From: uk
Status: offline
heres a free little utility to test your server for relay............

sam spade at sam spade

it will connect to your port 25 and try to email you back and lets you know if relay is disabled.. also very useful for traceroutes pings dig nslookup etc

Hope this helps
Ian

(in reply to tshinder)
Post #: 9
RE: Don't Be a Spam Relay Site - 25.Mar.2002 5:39:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Ian,

Thanks for the link!

Tom

(in reply to tshinder)
Post #: 10
RE: Don't Be a Spam Relay Site - 4.Apr.2002 1:53:00 AM   
skipster

 

Posts: 550
Joined: 12.Oct.2001
From: newport beach
Status: offline
Hey Tom when i click on the link to test my email server it just opens up a command promt, but it displays to fast for me to read what it says, is this by design. CAn you tell me how to set it up so i can read the info?

(in reply to tshinder)
Post #: 11
RE: Don't Be a Spam Relay Site - 4.Apr.2002 6:32:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Skipster,

Looks like they removed the old web based system. too bad, it was pretty fun, although if you configure your system right, you won't relay. Check out:

http://www.tacteam.net/isaserverorg/smtprelayout.htm for a bit of discussion on mail relay.

HTH,
Tom

(in reply to tshinder)
Post #: 12

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Misc.] >> Tips & Tricks >> Don't Be a Spam Relay Site Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts