TABLE OF CONTENTS Even though Exchange 2003, out of the box, is the most secure version of Exchange released to date, we still need to keep an open eye on Exchange services such as the Simple Mail Transfer Protocol (SMTP), which is one the most compromised services in Exchange 2003. The primary reason is that SMTP servers are quite insecure because they are configured in such a way that communication with other SMTP servers is done using anonymous connections.
This chapter covers the following topics:
Securing the SMTP service
SMTP relaying
E-mail address spoofing
Internet mail headers
As you read this chapter, you will first be introduced to the SMTP basics, and then you will learn what SMTP relaying is all about and why it s vital to protect your SMTP server against relaying. We will also touch on topics such as e-mail address spoofing. Last but not least, you will be shown the information included in an Internet mail header.
To understand the material in the rest of this chapter, it s mandatory that you know how SMTP servers communicate with each other. It s also vital that you have the proper knowledge of the various security-related options under an Exchange 2003 SMTP virtual server.
Simple Mail Transfer Protocol (SMTP) is the Internet standard for transporting and delivering electronic messages. SMTP is based on specifications in request for comment (RFC) 2821 and RFC 2822. Microsoft SMTP Service is included in the Windows 2000 and Windows...
