But can't the same thing be said for frequent forced changes to passwords? Perhaps even more so?
Ed Crowley MCSE+Internet MVP Freelance E-Mail Philosopher Protecting the world from PSTs and Bricked Backups!T -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Randal, Phil Sent: Friday, December 19, 2003 2:14 AM To: Exchange Discussions Subject: RE: Open Relay/Spamcop strong passwords = post-it(tm) notes on monitors = weak passwords ;-) Merry Christmas everyone, Phil --------------------------------------------- Phil Randal Network Engineer Herefordshire Council Hereford, UK > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley > [MVP] > Sent: 18 December 2003 21:32 > To: Exchange Discussions > Subject: RE: Open Relay/Spamcop > > > Strong passwords mean much more than forced changes. > > Ed Crowley MCSE+Internet MVP > Freelance E-Mail Philosopher > Protecting the world from PSTs and Bricked Backups!T > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Eric Fretz > Sent: Thursday, December 18, 2003 8:49 AM > To: Exchange Discussions > Subject: RE: Open Relay/Spamcop > > I agree with Ben. My Exchange 2000 box at my last company was setup > to allow realaying after sucessfuly authentication because I had > POP3 clients > at other offices that had no other SMTP gateway. Disabling the Guest > account and forcing the users to change passwords every 30 days kept > our risk at a minimum. We got tagged as a relay once, but forcing > user password > changes on the spot fixed the problem. > > Eric Fretz > > L-3 Communications > ComCept Division > 2800 Discovery Blvd. > Rockwall, TX 75032 > tel: 972.772.7501 > fax: 972.772.7510 > > > > -----Original Message----- > From: Ben Winzenz [mailto:[EMAIL PROTECTED] > Sent: Thursday, December 18, 2003 10:48 AM > To: Exchange Discussions > Subject: RE: Open Relay/Spamcop > > > I still think you are smoking crack on this, Greg. I have never seen > a properly configured Exchange 2000 server relay UNLESS a user account > was compromised, or the guest account was enabled. I've tested it and > tested again, and never found Exchange to relay with those settings. > > > Ben Winzenz > Network Engineer > Gardner & White > (317) 581-1580 ext 418 > > > -----Original Message----- > From: Greg Deckler [mailto:[EMAIL PROTECTED] Posted At: Thursday, > December 18, 2003 11:37 AM Posted To: Exchange (Swynk) > Conversation: Open Relay/Spamcop > Subject: RE: Open Relay/Spamcop > > > Hey, thanks for the confirmation. People have told me that I am > smoking crack and that the Exchange servers were horribly > misconfigured. It's nice to know that I am not smoking crack. > > > I concur with greg ... our server had those settings and we > were being > > > used as a relay ... turned off "Allow all computers which > successfully > > > authenticate to relay, regardless of the list above." and > that stopped > > > it ... > > > > Mike > > > > > > > > -----Original Message----- > > From: Greg Deckler [mailto:[EMAIL PROTECTED] > > Sent: Thursday, December 18, 2003 11:17 AM > > To: Exchange Discussions > > Subject: Re: Open Relay/Spamcop > > > > > > This may or may not be the problem, but I have seen spammers able to > > relay off an Exchange server if the following configuration applies: > > > > 1. If "Anonymous access" is turned on. SMTP Virtual Server > properties, > > > Access page, Authentication. 2. And, "Allow all computers which > > successfully authenticate to relay, regardless of the list > above." is > > checked. SMTP Virtual Server properties, Access page, Relay. > > > > > > > > > Hello All and Happy Holidays! > > >=20 > > > I have a colleague whos Exchange 2000 server is being reported as > > >Open > > > > > Relay by spamcop for the past month. I have tested his > relay by=20 > > > >setting up a POP account in Outlook, putting the server that is > > >being=20 reported as Open relay as my Outgoing SMTP server. =3D20 > > >=20 When I try to send a message using Outlook, I get a return > > >message > > that > > > 550 5.7.1 Unable to relay. I am relieved that it could not > relay. > > > That is good, however, why then is spamcop still reporting it to > > >be=20 open relay? =3D20 =20 I have checked (over the > phone) all his > > > >Virtual SMTP Server settings=20 to verify correct configuration. > > >Everything seems to be "checked" or=20 "unchecked" as > recommended by > > > >Microsoft. > > >=20 > > > We have Stopped/Started Services for SMTP =20 The Exchange 2000 > > >server is behind a NAT and I have looked into the=20 > possibility of > > >this. I have been out on the spamcop site and for the=20 > life of me > > > >cannot find a way to make them check the server again to=20 see if > > >it is closed relay like ORDB does. =3D20 =20 Any ideas or > > >comments???? =3D20 =20 =20 =20 Samantha Bridges Communications > > >Technician Macomb Intermediate School District > > > 44001 Garfield Road > > > Clinton Township MI 48038-1100 > > > (586) 228-3300 > > >=20 > > > [EMAIL PROTECTED] > > > http://www.misd.net > > >=20 > > >=20 > > > CONFIDENTIALITY NOTICE: This email message, including any > > >attachments, > > > > > is for the sole use of the intended recipient(s) and may > contain=20 > > > confidential and privileged information. Any unauthorized review, > > > use, > > > > > disclosure or distribution is prohibited. If you are not the > > >intended=20 recipient, please contact the sender by reply > email and > > >destroy all=20 copies of the original message. > > >=20 > > > =3D20 > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=3Dexchange&text_mo > > de=3D= > > & > > lang=3Denglish > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t ext_mode=& lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]