Users Without Permissions to Relay Messages Can Still Send Messages Through the SMTP Virtual Server (818778)
The information in this article applies to:
- Microsoft Exchange Server 2003 Enterprise Edition
- Microsoft Exchange Server 2003 Standard Edition
SYMPTOMSWhen you configure relay restrictions for the Simple Mail Transfer Protocol (SMTP) virtual server to deny the Submit Permission permission to a user so that the user cannot relay messages through the virtual server, you may find that the user can successfully send messages. This problem occurs even though you restrict relay access and configure permissions for the user by taking the following actions in the Relay Restrictions dialog box. (To reach the Relay Restrictions dialog box, in Exchange System Manager, right-click the SMTP virtual server, click Properties, click the Access tab, and then click Relay.) - You click to clear the Allow all computers which successfully authenticate to relay, regardless of the list above check box.
- You click Users, and then in the Permissions for Submit and Relay dialog box, you click to select the Deny check box that is next to the Submit Permission permission for the user.
CAUSEThis problem may occur if anonymous access is enabled for the SMTP virtual server. In Exchange Server 2003, when you click to clear the Allow all computers which successfully authenticate to relay, regardless of the list above check box in the Relay Restrictions dialog box to configure relay permissions for specific users or computers, anonymous access is not automatically disabled on the SMTP virtual server. You must manually disable anonymous access to the SMTP virtual server.WORKAROUNDTo work around this issue, manually disable anonymous access for the SMTP virtual server: - Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.
- In the console tree, expand Servers, expand ServerName, expand Protocols, and then expand SMTP.
- In the right pane, right-click the SMTP virtual server (for example, Default SMTP VirtualServer), and then click Properties.
- Click the Access tab.
- Under Access control, click Authentication.
- Click to clear the Anonymous access check box, click OK, and then click OK.
STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.
Modification Type: | Minor | Last Reviewed: | 11/10/2005 |
---|
Keywords: | kbnofix kbBug KB818778 |
---|
|