MS 2003 Server SMTP + POP question

[Shark]

I have both services installed.

But I can't figure out how to allow external clients to connect, and send their email through the server, while not allowing anyone else (spammers).

The problem lies in the fact that the clients are not on a fixed ip/domain, so I can't limit it via that.

But I see no other method....

anyone please? I don't like being a spam relay if I do this wrong 🙁

 

[MrChad]

Can't you just require authentication for SMTP clients? Most ISPs require this for clients connecting from outside their subnet.

 

[Shark]

Originally posted by: MrChad
Can't you just require authentication for SMTP clients? Most ISPs require this for clients connecting from outside their subnet.

If I require incoming SMTP authentication then no can deliver mail to the domain.

Which leaves my question. How to I only allow known clients to send outbound?

 

[Shark]

anyone today?

 

[spyordie007]

I believe the way to do it would be to enable authentication and than add a domain alias and that will allow for local delivery.

 

[Sideswipe001]

Are you using Exchange? I could tell you exactly where to go in Exhange, but if there's a way to do this without it, I have no idea how.

 

[Shark]

Originally posted by: Sideswipe001
Are you using Exchange? I could tell you exactly where to go in Exhange, but if there's a way to do this without it, I have no idea how.

nope - but the settings are similar to exactly the same for SMTP.

 

[Sideswipe001]

Well, in Exchange, you can go to the properties of your Virtual SMTP server, and set relay permissions. Basically, the way to secure your box is to deny the right to relay - not connect - to everyone except those who can authenticate. It's not hard to do in Exchange, and in fact, Exchange 2003 comes set up that way by default. I'd expect Microsoft wouldn't leave boxes as open relays by default, nowadays.

 

[Shark]

Originally posted by: Sideswipe001
Well, in Exchange, you can go to the properties of your Virtual SMTP server, and set relay permissions. Basically, the way to secure your box is to deny the right to relay - not connect - to everyone except those who can authenticate. It's not hard to do in Exchange, and in fact, Exchange 2003 comes set up that way by default. I'd expect Microsoft wouldn't leave boxes as open relays by default, nowadays.

Ok. So I guess my confusion lies in the Authentication window.

If I do not have anonymous checked, I can NOT receive any email at all.

But If I do check it, and then check that box to allow only authenticated users to relay... does that mean that anonymous users can relay through as well?

(The question sounds stupider and stupider as I type it out)

 

[Sideswipe001]

No, it will not allow annonymous users to relay. Don't think of the anonymous people as authenticating. Think of checking that box as saying "I don't require autentication to connect" and the box that allows only authenticated users to relay as saying "BUT if you want to send out, I'll need to see some ID." 😉

 

[Shark]

ok - that makes sense.

I seemed to have hosed something nicely along the way now as I can't get mail through at all....

might be time for a reboot :/

 

[Shark]

Ok - I got it.

Here was my issue. I was turning on Basic Authentication (so in my mind that meant turning off Anonymous) and that is why I received no email.

Once I got past that mistake, there was an issue because the server is not actually on a domain (just a workgroup, it?s a home machine) and it seems that basic authentication is trying authenticate users based on the domain.

Once I ticked off the Windows Integrated Authentication.... things worked.

(Not to mention how buggy the SMTP service is. There would be times I would stop receiving mail, after NO changes, and a reboot would make things right).

Thanks so much for all your help.