I have had trouble with being used to relay from my exchange server but it is configured to prevent this. Is there any way that someone could get in to my server to relay via my CDOSYS web code?
Thanks~I do not understand the question completely. If you are using exchange 2003, enable relaying for the ip address of the other server that is sending it.I am running exchange 2000 and if I watch my SMTP I can see that someone is acccessing my server for extended periods of time. Further, I was getting a lot of NDRs for emails that were never sent by anyone in this organization. I have since turned my NDRs off and limited the number of emails sent to 200 but I can't figure out how they are getting access to my exchange server. I have run all the open relay tests. I ran one that ran 19 tests and found it vulnerable in 3 of them but most of them say that I am not an open relay. I am wondering if there is some way to get access to my exchange server through my CDO SYS code in my asp pages (ie: contact us types of pages).
Thanks~open IIS SMTP node on the server. number of RCPT commands issued should be like 10 if that. Only if code is being executed that you didn't right ... or that you allow dynamicly posted code ...On my web server, right? I opened IIS and did not see that node (sorry-I know you can't fix stupid but how about blind
). Any help (Windows 2003 Server)?
Thanks for your help, as usual~on your Exchange server. you can see who can relay. you should have a check box only allow relay if authentiated.RCPT command is the cound of emails that a person can send from your server.
Also check the logs of the exchange server to see what they are doing to be able to relay. You can then fix that.Thanks again for your help!
Thanks~I do not understand the question completely. If you are using exchange 2003, enable relaying for the ip address of the other server that is sending it.I am running exchange 2000 and if I watch my SMTP I can see that someone is acccessing my server for extended periods of time. Further, I was getting a lot of NDRs for emails that were never sent by anyone in this organization. I have since turned my NDRs off and limited the number of emails sent to 200 but I can't figure out how they are getting access to my exchange server. I have run all the open relay tests. I ran one that ran 19 tests and found it vulnerable in 3 of them but most of them say that I am not an open relay. I am wondering if there is some way to get access to my exchange server through my CDO SYS code in my asp pages (ie: contact us types of pages).
Thanks~open IIS SMTP node on the server. number of RCPT commands issued should be like 10 if that. Only if code is being executed that you didn't right ... or that you allow dynamicly posted code ...On my web server, right? I opened IIS and did not see that node (sorry-I know you can't fix stupid but how about blind
). Any help (Windows 2003 Server)?Thanks for your help, as usual~on your Exchange server. you can see who can relay. you should have a check box only allow relay if authentiated.RCPT command is the cound of emails that a person can send from your server.
Also check the logs of the exchange server to see what they are doing to be able to relay. You can then fix that.Thanks again for your help!