KB ID 0000020 Dtd 21/01/09
Problem
You want to secure Exchange 2003 (Post SP2).
Solution
1. Ensure you are not an open relay,
1. Open The Exchange Exchange system manager > Navigate to Administrative > Groups > First Administrative Group > Servers > {server_name} > Protocols > SMTP.
2. Right Click Default SMTP Server > Properties > Access > The Top option “Only the List Below” should be selected.
2. Set up Filtering,
1. Open The Exchange Exchange system manager > Global Settings > Message Delivery.
2. Right Click Message Delivery > Properties > Recipient FIltering > Tick “Filter recipients who are not in the directory” > Apply > OK.
3. Select the “Sender Filtering” tab, tick “Filter messages with blank sender” > Apply > OK.
4. Select the “connection filtering” tab, Click Add > In display name enter “Spamhaus” > Under DNS Suffix add zen.spamhaus.org
5. Click the “Return status code” button > Tick “Match filter rule to any of the following responses” > Add 127.0.0.1, 127.0.0.3 and 127.0.0.9
6. OK > OK > Apply > OK > OK.
7. Click the “Intelligent Message Filtering” Tab (If you cant see it apply Service Pack 2).
8. Set “Gateway BLocking Configuration” to 7 > Change no Action to “Archive”.
9. Set “Store Junk Email Configuration” to 6 > Apply > OK.
10. Start > Run > Regedit {enter}.
11. Navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSMTPSVCParameters
12. In the right hand Window > Right click > New > DWORD Value > call it “TarpitTime” {without quotes}.
13. Double click TarpitTime > Set its value to 5 > OK.
14. Start > Run > services.msc {enter}.
15. At command line issue the following command > net stop SMTPSVC {enter}.
16. Leave the command window open > Locate the MailRoot Directory (default location is C:Program FilesExchsrvrMailroot, but yours may be different).
17. Rename the MailRoot folder to MailRoot_BAK.
16. Back at command line issue the following command > net start SMTPSVC {enter}.
Related Articles, References, Credits, or External Links
NA
