Securing SMTP Virtual Servers

Applies To: Windows Server 2003, Windows Server 2003 with SP1

There are many steps you can take to make your SMTP virtual server more secure, including configuring access-related settings such as the authentication method, limiting administrative access, and setting connection limits.

Configuring Access-Related Settings

You can restrict access to your SMTP server by requiring authentication, limiting access according to IP address, or both. Restrict access by using the Access tab of the SMTP virtual server properties dialog box. The Access tab has five important security-related settings: Authentication, Certificate, Communication, Connection, and Relay.

Authentication

The Authentication option allows you to select from the following methods for authenticating users who attempt to connect to your SMTP server:

• Anonymous access. Anonymous access does not require users to enter a user name and password. This option is intended for servers that accept mail from outside the network.

  For example, if you are creating a stand-alone smart host that sits outside of your firewall and in front of your Exchange server, then you might select Anonymous access. Or, if you are creating a server to receive e-mail from a public Web site, then you might select Anonymous access.

• Basic authentication. Basic authentication requires users to enter a valid user name and password; however, the credentials are sent across the network unencrypted. If you select Basic authentication, then select Requires TLS encryption, which encrypts the user credentials. To require TLS encryption, you must have a valid SSL certificate installed on the server.

• Integrated Windows authentication. Integrated Windows authentication requires users to enter a valid Windows user name and password to connect to your SMTP server. Credentials are sent across the network encrypted. You can select Integrated Windows authentication if you are setting up a smart host to relay messages within your network or if you are setting up a server to receive e-mail from internal sites, such as a company intranet.

Certificate and Communication

The Certificate and Communication options allow you to secure communication by installing security certificates and requiring encryption. To install a certificate, click Certificate to start the New Certificate Wizard. Then, if you want to require the SMTP service to use SSL to encrypt every message, click Communication.

Connection

The Connection option allows you to restrict access to your server based on IP address. For example, if you are setting up a smart host that works inside your network, then you can use the Only the list below option to restrict access to the range of IP addresses for your network. If you are setting up a smart host that relays external e-mail or if you are setting up a server to accept e-mail from a public Web site, then connection control can be an effective way to restrict unsolicited commercial e-mail. After you identify the IP address or addresses of computers that send bulk e-mail, you can use the All except the list belowoption to prevent computers with specific IP addresses from connecting to your server. Although you can restrict access based solely on the domain name, this practice is not recommended because of the resources required to perform a reverse DNS lookup to identify the IP address of the computer attempting to connect.

Relay

The Relay option allows you to send e-mail to an SMTP server, which then sends it to the destination server or to another SMTP relay server. By default, the SMTP service blocks all computers from relaying unwanted mail through the virtual server, except those that meet the authentication requirements you designated in the Authentication dialog box. If you are setting up a smart host, enable only authenticated users to relay messages. If you are setting up a server to receive e-mail from the Internet, do not allow relaying, which can make you vulnerable to outside users who attempt to send unsolicited commercial e-mail through your SMTP server.

Limiting Administrative Access

You can restrict access to your server to only trusted administrators and make sure that administrators are granted only the access that they need to accomplish their work. Limit administrator access by using the Security tab of the SMTP virtual server properties dialog box.

Setting Messages Limits

You can set message limits to prevent large, incoming messages from affecting the performance of your server. Set message limits by using the Messages tab of the SMTP virtual server properties dialog box.

There are two message limit settings. The first limits the message size. If a mail client sends a message that exceeds the limit, then the mail client receives an error. The second limits the session size, the maximum amount of data that is accepted during the total connection. This setting applies to the sum of all the messages that are sent during the connection and to only the message body.

To help protect against users who send unsolicited, commercial e-mail to your SMTP server, you can limit the maximum number of recipients for a single message sent in one connection. For more information about setting message and recipient limits, see Managing Messages_IIS_SP1_Ops.