tailieunhanh - cya securing exchange server 2003 and outlook web access phần 4

Như bạn có thể thấy, có một số tab để lựa chọn, nhưng kể từ khi chúng ta chỉ quan tâm đến những thứ liên quan đến an ninh, nhấp vàoQuyền tab (xem Hình 3,22). Bắt đầu bằng cách nhấn vào các khách hàng 1. Trong Exchange System Manager, mở rộng | 84 Chapter 4 SMTP Security means the server greets the client with Hello local IP address . 4. Type MAIL FROM spamking@. The server responds with 250 spamking@ OK With the MAIL FROM command we tell the server who the sender or originator is and the server then responds with a response code 250 which in humans language means OK User not local but will accept mail anyway. 5. Type RCPT TO henrik@. 550 Unable to relay for henrik@ We get the response code 550 . which in this example means Relaying not permitted. If you get this response code your Exchange server is most likely a closed relay and everything is as it should be but if you instead get a 250 henrik@ response chances are you have an open relay and it is recommended that you examine and correct the configuration error. Figure shows the steps we have been through in action. Figure Open Relay Test Using Telnet As we mentioned there are many Web-based services that will help you examine whether your or somebody else s server is an open relay. Table lists some of these sites. SMTP Security Chapter 4 85 Table Popular Open Relay Test Sites Provider Web Site URL Open Relay Database ORDB Network Abuse Clearinghouse Open Relay Test Relay Check SpamLArt Open Relay Testing Open Relay Tester submit 7Eremmie relay ted tools r Notes from the Underground. A Few Words About Open Relay Testers No open relay testers or any tools you re likely to find can provide an exhaustive test. If you test a given server and it s referred to as safe it merely means that the open relay tester encountered none of the vulnerabilities that it tests for. It s safe to assume that there are other vulnerabilities that were not detected and that a given server is .