IIS Server Security - IIS SMTP Open Relay

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > February 2007 > IIS SMTP Open Relay





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author IIS SMTP Open Relay
Santa

2007-02-01, 1:18 pm

Hi

I have a IIS server configured with SMTP in a public ip address. SMTP i have
configured with "openrelay" which is vulnerable for the security threats.
Please tell me how to close the SMTP open relay in this server without
specifying a IP address or address ranges.
Becouse there are some web developers need to have a access to this server
and test the application to send mails through this SMTP relay.

Pls advice.
Bernard Cheah [MVP]

2007-02-02, 7:25 am

What about authentication?
HOW TO: Set SMTP Security Options in Windows Server 2003
http://support.microsoft.com/?id=324285

--
Regards,
Bernard Cheah
http://www.iis.net/
http://www.iis-resources.com/
http://msmvps.com/blogs/bernard/


"Santa" <Santa@discussions.microsoft.com> wrote in message
news:0F193728-ADDE-4D83-9C39-54D482D8E395@microsoft.com...
> Hi
>
> I have a IIS server configured with SMTP in a public ip address. SMTP i
> have
> configured with "openrelay" which is vulnerable for the security threats.
> Please tell me how to close the SMTP open relay in this server without
> specifying a IP address or address ranges.
> Becouse there are some web developers need to have a access to this server
> and test the application to send mails through this SMTP relay.
>
> Pls advice.


Ken Schaefer

2007-02-04, 7:19 am

In addition to SMTP AUthentication mentioned by Bernard, you could have the
web developers host their applications on your web server. That way you only
need to allow relay to 127.0.0.1

Cheers
Ken


"Santa" <Santa@discussions.microsoft.com> wrote in message
news:0F193728-ADDE-4D83-9C39-54D482D8E395@microsoft.com...
> Hi
>
> I have a IIS server configured with SMTP in a public ip address. SMTP i
> have
> configured with "openrelay" which is vulnerable for the security threats.
> Please tell me how to close the SMTP open relay in this server without
> specifying a IP address or address ranges.
> Becouse there are some web developers need to have a access to this server
> and test the application to send mails through this SMTP relay.
>
> Pls advice.

Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com