Leave a comment

How to Stop Sending Spam Using Exchange Server

Written by:  • Edited by: Bill Bunter
Updated May 19, 2011 • Related Guides: Email Client | Microsoft Exchange Server

To stop sending spam over networks, most administrators turn off SMTP totally. This often results in loss of mails. The article explains a small trick on how to stop sending spam - configure your Exchange Server without turning SMTP off.

Spam and Spamming - Introduction

Slide 1 of 5

Before we proceed and understand how to stop sending spam, let us understand spam. Spam is generally an unwanted email message that you do not expect. These email messages are broadcasted to multiple users and contain contents that advertise a product or service. They may also be used for other purposes. Each server hosting an email service is capable of recognizing spam by reading the headers of the email. This is why you see a separate Spam folder in your email accounts. Though there are filters that divert the spam to the relevant directory, some of these messages manage to get across the filters to end up in your inbox.

Even as the technology is progressing to save your time and efforts, malicious users of the Internet are also putting in their efforts to bypass the spam filters. The most common method they use these days is to use a reputed email client such as Outlook Express, MS Outlook, Eudora or Thunderbird. When the email server sees that the email has originated from a reliable email client, it gets confused and the spam is often delivered to your inbox.

While there are certain restrictions imposed on the email service users so that they cannot spam others, they are not strong enough to prevent the users from using the service to bug others with unwanted emails. However, if your network is using Microsoft Exchange Server to send mails, you can find the trick in this article useful, when it comes to answer - how to stop sending spam and how to stop users servers from relaying spam.

How to Stop Sending Spam - Spamming through Exchange Server

Slide 2 of 5

One of the high priorities of network designers is how to stop sending spam through their networks. Most of the email clients are configured to send mails using the SMTP protocol. Microsoft Exchange Server, though considered different from SMTP, also contains the latter as one of its many components. The MS Exchange Server is comparatively more effective than SMTP. Still, users who want to play around use the dependency of Exchange Server on SMTP to spam. Then how to stop sending spam? The later part of this article addresses the question.

One of the main features of the Exchange Server is the Active Directory Service. This service stores the email address and other related information for users in a group or an organization. Based on the Directory Service, the mails sent by any user of the group or organization are placed into two categories.

If a mail is sent to a user whose name is listed in the Exchange Server, the mail is a normal one, also called an "internal" or "submit" email. On the other hand, if the mail is sent to users outside the group or organization, the mail is said to be "relayed". The name relay has been given as the mail is relayed through different servers in order to deliver it to the intended recipient. SMTP relays are the most common method used for spamming.

However, as the mail carries the reference of MS Exchange Server in its header, it is hard for the email service providers to tell if the email is a regular mail or a spam. This is where the spammers take advantage. One of the steps to avoid spam through SMTP relays is to turn it off. While turning off SMTP prevents users from sending spam using accounts dependant on SMTP alone, changes may be made to the Virtual SMTP Servers on Exchange Server to reduce the amount of outgoing spam.

Important Note: More and more network administrators are turning off the SMTP option on their LANs. This may cause problems in sending mails in future when most of the SMTP protocols across the world are turned off. Hence, it is better to configure your network’ email clients without POP (Post Office Protocol) or IMAP (Internet Message Access Protocol) options that use SMTP. The administrators may use other options such as the HTTP (Hyper Text Transfer Protocol) so that they do not need to turn off SMTP on the LAN. Alternatively, set the LAN’s email client to use Exchange Server by configuring it to avoid users from misusing your network to spam.

Configuring the Exchange Server SMTP Virtual Servers to Stop Spam
Rating Average

Slide 3 of 5

You can use the SMTP Virtual Servers and configure the different settings so that you can control the entire system and avoid users from sending out spam. To access the SMTP Virtual Server, you need to go to the Server object to select Exchange System Manager. From Exchange System Manager, go to the Protocols container and then to the SMTP node. Right click the default SMTP Virtual Server to select Properties.

In the dialog box that appears, select the tab named Access (see Fig 1 in Screenshots section). Click on the Authentication button to access the Authentication dialog box (fig 2 in Screenshots section). You can specify the different authentication methods for accessing the SMTP Virtual Server. The first option is the Anonymous Access, which if checked, will allow any type of client to use SMTP relays and talk to your server. The Basic Authentication allows users to send text credentials to authenticate. The latter is more secure. The third option in the dialog box is the Integrated Windows Authentication checkbox. Keep it checked. Many network administrators remove it assuming that Exchange Servers do not need SMTP at all. This may lead to possible loss of emails.

Coming back to the Access Settings (Fig 1), click on the Relay button to secure the relays through the Exchange Server. In the dialog box that appears (Fig 3 in Screenshots section), you can specify which computers can use relays. Uncheck the option at the bottom of the dialog that allows all authenticated computers to use relays. This offers more protection from spam. Even after unchecking the box, the Exchange Servers are able to deliver mail to the recipient or forward it. Hence, there is no use of taking unnecessary risk by keeping the option open.

Once you remove the check on the "Allow all computers…" in the dialog box, you are able to access the Users button on the same dialog box. The option is not accessible unless you remove the checkbox that allows all computers to relay after authentication. Once you click the button, you get a Relay restrictions dialog box (see fig 4 in the screenshots section). Here, you can choose the user groups and levels that are able to relay or use the SMTP Virtual Server that we are configuring. You may want to define user groups and levels to reduce the risk of spamming.

However, the trick is to remove all the user groups and levels that are present and not to add any level or group if you want greater security for your network. Before you remove all the pre-existing user groups and levels from the upper box, select both the "submit" and "relay" options check box under permissions. This keeps the relays active on the network without allowing any user to actually use it. Furthermore, only the Exchange Servers that are related and set up on your LAN can communicate among themselves. This trick makes stops Exchange Servers relaying spam without having to turn off SMTP relays that may create obstacles in delivering mail properly.

ScreenShots

Slide 4 of 5
Fig 1 - Access SettingsFig 2 - AuthenticationFig 3 - Relay Restrictions DialogFig 4 - User Permissions Dialog Box

References

Slide 5 of 5

Technet Library, http://technet.microsoft.com/en-us/library/dd277329.aspx

  
Next Article »
We Also Recommend...
 
blog comments powered by Disqus
Computer Security
FEATURED AUTHORS
Shanna James William Busse Zack Jones M.S. Smith
mathewf4rr3l Tim Cormany Aaron R. Tye Yorkshire
Most Popular Articles
Email to a friend