• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

SMTP 587

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> SMTP 587 Page: [1]
Login
Message << Older Topic   Newer Topic >>
SMTP 587 - 5.Aug.2008 10:23:03 PM   
create_share

 

Posts: 269
Joined: 4.May2005
Status: offline
Hi!

I disabled "Transport Layer Security (TLS)" and "Offer Basic Authentication only after TLS" in Exchange 2007 Client Receive Connector then i created a publishing rule on ISA 2006 for Port 587. After doing this my users are able to send e-mails using my exchange server using their mobile devices. I just have to change the port 25 to 587 on the SMTP Server settings on their mobiles.

The question is that is it secure to use this configuration? Only Exchange Users is selected under permission group in Client Receive Connector.

Thanks!
Post #: 1
RE: SMTP 587 - 15.Aug.2008 9:25:59 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi CS,

Yes, this is a secure configuration. Only authenticated users will be able to relay through your SMTP server. However, you have to make sure that users are using complex passwords, as spammers will try to launch brute force attacks if they can.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to create_share)
Post #: 2
RE: SMTP 587 - 15.Aug.2008 9:37:34 AM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
quote:

ORIGINAL: create_share

Hi!

I disabled "Transport Layer Security (TLS)" and "Offer Basic Authentication only after TLS" in Exchange 2007 Client Receive Connector then i created a publishing rule on ISA 2006 for Port 587. After doing this my users are able to send e-mails using my exchange server using their mobile devices. I just have to change the port 25 to 587 on the SMTP Server settings on their mobiles.

The question is that is it secure to use this configuration? Only Exchange Users is selected under permission group in Client Receive Connector.

Thanks!


Doesn't this mean that crednentials are being passed in the clear if not protected by TLS?

Why can't you use TLS and just get ISA to server publish Exchange on the secure port?

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to create_share)
Post #: 3
RE: SMTP 587 - 16.Aug.2008 9:26:06 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
ACK!!! I didn't even notice it -- all the credentails are being passed in the clear. I guess it's safe to say that this SMTP server has been p0wnDed by spammers?

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to Jason Jones)
Post #: 4
RE: SMTP 587 - 16.Aug.2008 6:20:37 PM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
So, is it a secure configuration???? NO!!!!

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to tshinder)
Post #: 5
RE: SMTP 587 - 18.Aug.2008 8:46:16 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Nope -- not if TLS isn't enabled.

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to Jason Jones)
Post #: 6

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> SMTP 587 Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts