"Ken Schaefer" <kenREM***@THISadOpenStatic.com> escreveu na mensagem
news:ev0wTr6fGHA.2456@TK2MSFTNGP04.phx.gbl...
> "aboni" <and***@assergs.com> wrote in message
> news:%23BwJJN3fGHA.3652@TK2MSFTNGP02.phx.gbl...
>> Hi!
>>
>> I'm using a POP3 service and SMTP Service of Windows 2003 server to setup
>> a small Mail Server Enviroment.
>>
>> In my "Default SMTP Virtual Server" -> Properties -> Access ->
>> Authentication I need to allow "Anonymous Acces". If I don't do that,
>> people can't send me mail's.
>
> People can send email if they authenticate to the SMTP server. This needs
> to be configured in the user's email program
>
>
>> My question is:
>>
>> This "Anonymous Access" don't open my SMTP Server to SPAMMERS?
>
> Yes, and No.
>
> Does it mean spammers can send you email? Yes. But you need other people
> to be able to send you mail anyway. So, you do need to allow this if your
> SMTP server is accepting email from outside users.
>
> Does it mean spammers can hijack your email server to send spam through
> it? Not if you don't allow relaying. Ensure that only your private IP
> addresses are allowed to relay.
>
>
>> How I know that my SMTP Server is protected and only authenticate users
>> can send mail through his?
>
> You need to disable anonymous authentication if you want *all* users to
> authenticate first.
>
> Cheers
> Ken
>

"aboni" <and***@assergs.com> wrote in message
news:%23Sikf8$fGHA.4864@TK2MSFTNGP05.phx.gbl...
> Thanks for help!
>
>> Does it mean spammers can hijack your email server to send spam through
>> it? Not if you don't allow relaying. Ensure that only your private IP
>> addresses are allowed to relay.
>
> My doubt in just in how I should configure relay restrictions.
> In the "Relay properties" I should configure like below:
>
> 1 - Mark option "Only the list Below";
> 2 - Add my IP(e.g. 192.168.0.4) to the list;
> (My SMTP is installed in same machine that my DNS, I should add my private
> IP(e.g. 192.168.0.4) or my internet IP(e.g. 200.166.xxx.xxx)??????)
> (Adding IP to the list I can configure my SMTP to be used outside
> enterprise(e.g. my home)?????)
> 3 - Uncheck "Allow all computers witch sucessfully authenticate to relay,
> regardless of the list above"
> (I think that need uncheck because "Anonymous Access" are allowed, then
> any user is authenticated. It's right??????).
>
> It's configuration is valid? My SMTP stay protected against SPAMMERS???
>
> Thanks for any additional help.
> Andrew
>
>
>
> "Ken Schaefer" <kenREM***@THISadOpenStatic.com> escreveu na mensagem
> news:ev0wTr6fGHA.2456@TK2MSFTNGP04.phx.gbl...
>> "aboni" <and***@assergs.com> wrote in message
>> news:%23BwJJN3fGHA.3652@TK2MSFTNGP02.phx.gbl...
>>> Hi!
>>>
>>> I'm using a POP3 service and SMTP Service of Windows 2003 server to
>>> setup a small Mail Server Enviroment.
>>>
>>> In my "Default SMTP Virtual Server" -> Properties -> Access ->
>>> Authentication I need to allow "Anonymous Acces". If I don't do that,
>>> people can't send me mail's.
>>
>> People can send email if they authenticate to the SMTP server. This needs
>> to be configured in the user's email program
>>
>>
>>> My question is:
>>>
>>> This "Anonymous Access" don't open my SMTP Server to SPAMMERS?
>>
>> Yes, and No.
>>
>> Does it mean spammers can send you email? Yes. But you need other people
>> to be able to send you mail anyway. So, you do need to allow this if your
>> SMTP server is accepting email from outside users.
>>
>> Does it mean spammers can hijack your email server to send spam through
>> it? Not if you don't allow relaying. Ensure that only your private IP
>> addresses are allowed to relay.
>>
>>
>>> How I know that my SMTP Server is protected and only authenticate users
>>> can send mail through his?
>>
>> You need to disable anonymous authentication if you want *all* users to
>> authenticate first.
>>
>> Cheers
>> Ken
>>
>
>

"Ken Schaefer" <kenREM***@THISadOpenStatic.com> escreveu na mensagem
news:%23UaAhGHgGHA.3572@TK2MSFTNGP04.phx.gbl...
> Hi,
>
> By default, your SMTP server will only accept mail that is addressed To:
> someone at your domain.
>
> When you allow "relaying" you allow selected users or IP addresses to send
> mail to anyone.
>
> So, you should only enable relaying for:
> a) your private IP addresses (this allows machines on your network to send
> email to anyone)
> and/or
> b) authenticated users (users will need valid Windows accounts to send
> mail to anyone through the SMTP server)
>
> (b) is usually disabled (you uncheck "Allow all computers witch
> sucessfully authenticate to relay,  regardless of the list above") and you
> only enable (a)
>
> That means anyone can send you email (including spammers), however
> spammers can not use your server to send email to anyone (relaying). Only
> your private addresses are allowed to relay (send email to anyone).
>
> Cheers
> Ken
>
>
> "aboni" <and***@assergs.com> wrote in message
> news:%23Sikf8$fGHA.4864@TK2MSFTNGP05.phx.gbl...
>> Thanks for help!
>>
>>> Does it mean spammers can hijack your email server to send spam through
>>> it? Not if you don't allow relaying. Ensure that only your private IP
>>> addresses are allowed to relay.
>>
>> My doubt in just in how I should configure relay restrictions.
>> In the "Relay properties" I should configure like below:
>>
>> 1 - Mark option "Only the list Below";
>> 2 - Add my IP(e.g. 192.168.0.4) to the list;
>> (My SMTP is installed in same machine that my DNS, I should add my
>> private IP(e.g. 192.168.0.4) or my internet IP(e.g.
>> 200.166.xxx.xxx)??????)
>> (Adding IP to the list I can configure my SMTP to be used outside
>> enterprise(e.g. my home)?????)
>> 3 - Uncheck "Allow all computers witch sucessfully authenticate to relay,
>> regardless of the list above"
>> (I think that need uncheck because "Anonymous Access" are allowed, then
>> any user is authenticated. It's right??????).
>>
>> It's configuration is valid? My SMTP stay protected against SPAMMERS???
>>
>> Thanks for any additional help.
>> Andrew
>>
>>
>>
>> "Ken Schaefer" <kenREM***@THISadOpenStatic.com> escreveu na mensagem
>> news:ev0wTr6fGHA.2456@TK2MSFTNGP04.phx.gbl...
>>> "aboni" <and***@assergs.com> wrote in message
>>> news:%23BwJJN3fGHA.3652@TK2MSFTNGP02.phx.gbl...
>>>> Hi!
>>>>
>>>> I'm using a POP3 service and SMTP Service of Windows 2003 server to
>>>> setup a small Mail Server Enviroment.
>>>>
>>>> In my "Default SMTP Virtual Server" -> Properties -> Access ->
>>>> Authentication I need to allow "Anonymous Acces". If I don't do that,
>>>> people can't send me mail's.
>>>
>>> People can send email if they authenticate to the SMTP server. This
>>> needs to be configured in the user's email program
>>>
>>>
>>>> My question is:
>>>>
>>>> This "Anonymous Access" don't open my SMTP Server to SPAMMERS?
>>>
>>> Yes, and No.
>>>
>>> Does it mean spammers can send you email? Yes. But you need other people
>>> to be able to send you mail anyway. So, you do need to allow this if
>>> your SMTP server is accepting email from outside users.
>>>
>>> Does it mean spammers can hijack your email server to send spam through
>>> it? Not if you don't allow relaying. Ensure that only your private IP
>>> addresses are allowed to relay.
>>>
>>>
>>>> How I know that my SMTP Server is protected and only authenticate users
>>>> can send mail through his?
>>>
>>> You need to disable anonymous authentication if you want *all* users to
>>> authenticate first.
>>>
>>> Cheers
>>> Ken
>>>
>>
>>
>
>

"aboni" <and***@assergs.com> wrote in message
news:uFoQAeMgGHA.4892@TK2MSFTNGP02.phx.gbl...
> Thanks for reply!
>
> My configuration appears correct, how you describe!
>
> My authentication is defined to:
> - Anonymous Access
> - Integrated Windows Authentication
>
> My relay configuration is defined to:
> - Only the list below
> - Allow all computers witch sucessfully authenticate to relay...
>
> It's correct, right? Or no?
>
> Thanks for all help,
> Andrew
>
>
> "Ken Schaefer" <kenREM***@THISadOpenStatic.com> escreveu na mensagem
> news:%23UaAhGHgGHA.3572@TK2MSFTNGP04.phx.gbl...
>> Hi,
>>
>> By default, your SMTP server will only accept mail that is addressed To:
>> someone at your domain.
>>
>> When you allow "relaying" you allow selected users or IP addresses to
>> send mail to anyone.
>>
>> So, you should only enable relaying for:
>> a) your private IP addresses (this allows machines on your network to
>> send email to anyone)
>> and/or
>> b) authenticated users (users will need valid Windows accounts to send
>> mail to anyone through the SMTP server)
>>
>> (b) is usually disabled (you uncheck "Allow all computers witch
>> sucessfully authenticate to relay,  regardless of the list above") and
>> you only enable (a)
>>
>> That means anyone can send you email (including spammers), however
>> spammers can not use your server to send email to anyone (relaying). Only
>> your private addresses are allowed to relay (send email to anyone).
>>
>> Cheers
>> Ken
>>
>>
>> "aboni" <and***@assergs.com> wrote in message
>> news:%23Sikf8$fGHA.4864@TK2MSFTNGP05.phx.gbl...
>>> Thanks for help!
>>>
>>>> Does it mean spammers can hijack your email server to send spam through
>>>> it? Not if you don't allow relaying. Ensure that only your private IP
>>>> addresses are allowed to relay.
>>>
>>> My doubt in just in how I should configure relay restrictions.
>>> In the "Relay properties" I should configure like below:
>>>
>>> 1 - Mark option "Only the list Below";
>>> 2 - Add my IP(e.g. 192.168.0.4) to the list;
>>> (My SMTP is installed in same machine that my DNS, I should add my
>>> private IP(e.g. 192.168.0.4) or my internet IP(e.g.
>>> 200.166.xxx.xxx)??????)
>>> (Adding IP to the list I can configure my SMTP to be used outside
>>> enterprise(e.g. my home)?????)
>>> 3 - Uncheck "Allow all computers witch sucessfully authenticate to
>>> relay, regardless of the list above"
>>> (I think that need uncheck because "Anonymous Access" are allowed, then
>>> any user is authenticated. It's right??????).
>>>
>>> It's configuration is valid? My SMTP stay protected against SPAMMERS???
>>>
>>> Thanks for any additional help.
>>> Andrew
>>>
>>>
>>>
>>> "Ken Schaefer" <kenREM***@THISadOpenStatic.com> escreveu na mensagem
>>> news:ev0wTr6fGHA.2456@TK2MSFTNGP04.phx.gbl...
>>>> "aboni" <and***@assergs.com> wrote in message
>>>> news:%23BwJJN3fGHA.3652@TK2MSFTNGP02.phx.gbl...
>>>>> Hi!
>>>>>
>>>>> I'm using a POP3 service and SMTP Service of Windows 2003 server to
>>>>> setup a small Mail Server Enviroment.
>>>>>
>>>>> In my "Default SMTP Virtual Server" -> Properties -> Access ->
>>>>> Authentication I need to allow "Anonymous Acces". If I don't do that,
>>>>> people can't send me mail's.
>>>>
>>>> People can send email if they authenticate to the SMTP server. This
>>>> needs to be configured in the user's email program
>>>>
>>>>
>>>>> My question is:
>>>>>
>>>>> This "Anonymous Access" don't open my SMTP Server to SPAMMERS?
>>>>
>>>> Yes, and No.
>>>>
>>>> Does it mean spammers can send you email? Yes. But you need other
>>>> people to be able to send you mail anyway. So, you do need to allow
>>>> this if your SMTP server is accepting email from outside users.
>>>>
>>>> Does it mean spammers can hijack your email server to send spam through
>>>> it? Not if you don't allow relaying. Ensure that only your private IP
>>>> addresses are allowed to relay.
>>>>
>>>>
>>>>> How I know that my SMTP Server is protected and only authenticate
>>>>> users can send mail through his?
>>>>
>>>> You need to disable anonymous authentication if you want *all* users to
>>>> authenticate first.
>>>>
>>>> Cheers
>>>> Ken
>>>>
>>>
>>>
>>
>>
>
>

"Ken Schaefer" <kenREM***@THISadOpenStatic.com> escreveu na mensagem
news:%23tJOjBugGHA.4304@TK2MSFTNGP05.phx.gbl...
> Only you can decide whether this is correct or not.
>
> With your settings it means that:
> a) any one can send mail to yourdomain.com
> b) any computer in "the list below" can send email to anyone
> c) any user who can authenticate using a valid Windows username/password
> can send email to anyone (ensure that all your users have strong
> passwords!)
>
> Cheers
> Ken
>
> "aboni" <and***@assergs.com> wrote in message
> news:uFoQAeMgGHA.4892@TK2MSFTNGP02.phx.gbl...
>> Thanks for reply!
>>
>> My configuration appears correct, how you describe!
>>
>> My authentication is defined to:
>> - Anonymous Access
>> - Integrated Windows Authentication
>>
>> My relay configuration is defined to:
>> - Only the list below
>> - Allow all computers witch sucessfully authenticate to relay...
>>
>> It's correct, right? Or no?
>>
>> Thanks for all help,
>> Andrew
>>
>>
>> "Ken Schaefer" <kenREM***@THISadOpenStatic.com> escreveu na mensagem
>> news:%23UaAhGHgGHA.3572@TK2MSFTNGP04.phx.gbl...
>>> Hi,
>>>
>>> By default, your SMTP server will only accept mail that is addressed To:
>>> someone at your domain.
>>>
>>> When you allow "relaying" you allow selected users or IP addresses to
>>> send mail to anyone.
>>>
>>> So, you should only enable relaying for:
>>> a) your private IP addresses (this allows machines on your network to
>>> send email to anyone)
>>> and/or
>>> b) authenticated users (users will need valid Windows accounts to send
>>> mail to anyone through the SMTP server)
>>>
>>> (b) is usually disabled (you uncheck "Allow all computers witch
>>> sucessfully authenticate to relay,  regardless of the list above") and
>>> you only enable (a)
>>>
>>> That means anyone can send you email (including spammers), however
>>> spammers can not use your server to send email to anyone (relaying).
>>> Only your private addresses are allowed to relay (send email to anyone).
>>>
>>> Cheers
>>> Ken
>>>
>>>
>>> "aboni" <and***@assergs.com> wrote in message
>>> news:%23Sikf8$fGHA.4864@TK2MSFTNGP05.phx.gbl...
>>>> Thanks for help!
>>>>
>>>>> Does it mean spammers can hijack your email server to send spam
>>>>> through it? Not if you don't allow relaying. Ensure that only your
>>>>> private IP addresses are allowed to relay.
>>>>
>>>> My doubt in just in how I should configure relay restrictions.
>>>> In the "Relay properties" I should configure like below:
>>>>
>>>> 1 - Mark option "Only the list Below";
>>>> 2 - Add my IP(e.g. 192.168.0.4) to the list;
>>>> (My SMTP is installed in same machine that my DNS, I should add my
>>>> private IP(e.g. 192.168.0.4) or my internet IP(e.g.
>>>> 200.166.xxx.xxx)??????)
>>>> (Adding IP to the list I can configure my SMTP to be used outside
>>>> enterprise(e.g. my home)?????)
>>>> 3 - Uncheck "Allow all computers witch sucessfully authenticate to
>>>> relay, regardless of the list above"
>>>> (I think that need uncheck because "Anonymous Access" are allowed, then
>>>> any user is authenticated. It's right??????).
>>>>
>>>> It's configuration is valid? My SMTP stay protected against SPAMMERS???
>>>>
>>>> Thanks for any additional help.
>>>> Andrew
>>>>
>>>>
>>>>
>>>> "Ken Schaefer" <kenREM***@THISadOpenStatic.com> escreveu na mensagem
>>>> news:ev0wTr6fGHA.2456@TK2MSFTNGP04.phx.gbl...
>>>>> "aboni" <and***@assergs.com> wrote in message
>>>>> news:%23BwJJN3fGHA.3652@TK2MSFTNGP02.phx.gbl...
>>>>>> Hi!
>>>>>>
>>>>>> I'm using a POP3 service and SMTP Service of Windows 2003 server to
>>>>>> setup a small Mail Server Enviroment.
>>>>>>
>>>>>> In my "Default SMTP Virtual Server" -> Properties -> Access ->
>>>>>> Authentication I need to allow "Anonymous Acces". If I don't do that,
>>>>>> people can't send me mail's.
>>>>>
>>>>> People can send email if they authenticate to the SMTP server. This
>>>>> needs to be configured in the user's email program
>>>>>
>>>>>
>>>>>> My question is:
>>>>>>
>>>>>> This "Anonymous Access" don't open my SMTP Server to SPAMMERS?
>>>>>
>>>>> Yes, and No.
>>>>>
>>>>> Does it mean spammers can send you email? Yes. But you need other
>>>>> people to be able to send you mail anyway. So, you do need to allow
>>>>> this if your SMTP server is accepting email from outside users.
>>>>>
>>>>> Does it mean spammers can hijack your email server to send spam
>>>>> through it? Not if you don't allow relaying. Ensure that only your
>>>>> private IP addresses are allowed to relay.
>>>>>
>>>>>
>>>>>> How I know that my SMTP Server is protected and only authenticate
>>>>>> users can send mail through his?
>>>>>
>>>>> You need to disable anonymous authentication if you want *all* users
>>>>> to authenticate first.
>>>>>
>>>>> Cheers
>>>>> Ken
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>