Anonymous Access Settings

Although Exchange 2003 provides the ability for client-side users to recognize spoofed mail, you should turn off anonymous SMTP access on all internal Exchange servers. Turning off anonymous access helps assure that only authenticated users can submit messages within your organization. In addition, requiring authentication forces client programs such as Outlook Express and Outlook using RPC over HTTP to authenticate before sending mail.