B
bubba1984
I currently have a windows server 2012 R2 server setup with IIS and configured it as an open SMTP Relay. Our security team wants us to lock it down to use Secure SMTP where only devices or applications that can do authentications is able to relay mail off of this relay server.
Since everything is in an active directory environment, on the access tab> authentication I selected integrated windows authentication. On the delivery tab, I click on outbound security and select integrated windows authentication and put the service account username and password. On the security tab, I also added the service account username to it.
If I setup an application to do ssmtp and point it to the relay server I receive the email message. If I use normal client that does only smtp and send it to the relay server, I also receive the email. I need to understand what is the proper way to lock down IIS so that it only does secure SMTP (SSMTP) and anything else that does not authenticate the relay will reject the message.
Continue reading...
Since everything is in an active directory environment, on the access tab> authentication I selected integrated windows authentication. On the delivery tab, I click on outbound security and select integrated windows authentication and put the service account username and password. On the security tab, I also added the service account username to it.
If I setup an application to do ssmtp and point it to the relay server I receive the email message. If I use normal client that does only smtp and send it to the relay server, I also receive the email. I need to understand what is the proper way to lock down IIS so that it only does secure SMTP (SSMTP) and anything else that does not authenticate the relay will reject the message.
Continue reading...