I have not been so privileged to see the No Mail Relay option fail but here is my two cents if your No Mai Relay option is being compromised.
Also keep in mind gentlemen that usernames and passwords are sent in clear text to authenticate a mail client to the mail server. This means that anyone who wants to sniff your router can snag access to the I-Mail server. Do you have a password policy? Turn off SMTP service of I-Mail. Change, the mail clients that you host, to another SMTP server. This involves a little legwork but it can be done. Now you can use IIS 5.0 of another server but I do not recommend it as it is also easily compromised and difficult to set up. Argosoft makes a free SMTP program and it is easy to set up authentication. I would recommend one username and password (complicated) lots of nonstandard characters so that a dictionary attack will be thwarted. Let the users relay through this, if you have external users then you will need some NAT set up. You could also change the SMTP service to operate on a non-standard port. Anyone who has ever tried sending e-mail via Earthlink knows that they filter port 25 for just such a reason. Lastly, I certainly hope that your publicly accessed servers such as I-Mail reside on a DMZ. If they are part of your internal LAN then there is a myriad of nasties that can be done to your ARP table alone. Well I hope these give you something to consider. C. Douglas Mays Jr. Network Engineer In Zone Inc. & In Zone Brands Inc. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
