Any Exchange 2003 people here?

number41

number41

number41

Associate
Joined
15 Jul 2006
Posts
587
Location
Southampton
Evening all! Just have a query regarding Exchange 2003 and deployment.

1. You can telnet to port 25 on the exchange server as this how it receives email, etc. But is there a way to allow email through port 25 but stop telnet going to it on port 25? Thing is that when you telnet on port 25 you can run the EHLO command and the Mail From: etc to send mail to other domain recepients without needing a password which is very annoying! I've stopped relaying but the command still works for people on the same domain :(

2. This really relates to the above. We have an ISA 2006 server. Can this be set to allow only emails through and block any other type of traffic on port 25 by packet inspection or something? How do large companies dis-allow telnet on 25 but allow email through? Do you need a proxy server or something as well as an ISA box?

I've noticed some domain addresses you can telnet to port 25 just like on mine, but others dont let you telnet on port 25 but you can still email. I want that added security too if possible!

Hope it makes sense to someone lol :D
 
Question 1 you'll have to clarify - why would you need a password?

The rest: you can't stop the telnet, to my knowledge. It isn't really telnet, it's just a terminal on that port - it's how the whole email system works. Other mailservers connect to you on port 25 and run through the commands, so they need your server to respond.

If you're not getting a response from other domains, you're possibly not aiming at their mailservers. I've never once seen a mailserver I can't connect to in that way.
 
Yeah, ignore my comment about not being able to telnet! I reaslise now that its not possible to block telnet 25 so ignore my dumb moment lol.

What I would be interested though is knowing if theres a way to block people from sending mail internally on the domain. As it stands, anyone in the world can telnet to an Exchange 2003 server, and send mail internally using addresses at the local domain. Is there a way to stop the "mail to:" and "rcpt to:" commands? I'm getting it on my own server that random people are telnetting in and trying to send email internally by picking a random @mydomain.com address to send the mail. If the "mail from" and "rcpt to" addresses exist within my domain then that message is sent which is most annoying!

One way to stop people telnetting directly to the Exchange server would be to put some sort of mail proxy in front of it. I have put ISA in front of it and installed SMTP to forward all mails to the exchange. Unfortunately SMTP has the same commands so am having the same problems!!
 
Last edited:
number41 said:
As it stands, anyone in the world can telnet to an Exchange 2003 server, and send mail internally using addresses at the local domain. Is there a way to stop the "mail to:" and "rcpt to:" commands? I'm getting it on my own server that random people are telnetting in and trying to send email internally by picking a random @mydomain.com address to send the mail. If the "mail from" and "rcpt to" addresses exist within my domain then that message is sent which is most annoying!
Click to expand...


This is how the email system works. If you did that, then no one would be able to send you emails. What makes you think they're telnetting in? It's far, far more likely that it's just junk mailers making up addresses - it's not uncommon.

You can, of course, set Exchange to reject all emails that aren't going to a legitimate existing address.
 
You must log in or register to reply here.
Back
Top Bottom