Can the SPAM Mail Server

Configuring Exchange Server

One of the startling discoveries waiting for an organisation that connects it's computers to the Internet is the shear number of hackers probing for open servers. They're not out to get you personally, they've no idea who you are. But they continually scan ranges of IP addresses looking for a response. By and large they mean no harm, they simply want to hijack your servers and network bandwidth for their own use. But there are others who look to exploit flaws in the more popular server software and infect servers with viruses or simply crash the system. The attacks are fully automated. If your server allows them in once, a deluge will follow. If your server routinely denies access the probes will fall back to a background level.

Our interest here in mail servers. The attackers are usually spammers who seek to use your server to deliver their mail. By specifying multiple recipients, a spammer can send one mail message to your server and have your server and your network connection deliver the same item dozens of times. And, by careful manipulation of the mail headers, the mail cannot be traced back to it's origin but it might be traced back to you. It will generate large volumes of traffic on your server and network connection and will probably provoke a response from your ISP.

Because the spammers are not interested in you personally, i.e. they're not trying to get into your system and read your mail, they can be defeated with basic security measures. Simply requiring clients to authenticate themselves to your mail server is sufficient.
Many older mail servers don't have authentication mechanisms. The venerable Exchange Server 5.0 is a case in point. And it's surprising just how many Exchange Server 5.0 on NT 4.0 systems there are out there. Many more than Microsoft would care to admit. Exchange Server 5.5 had basic authentication but that's no longer available. So if you're still running Exchange Server 5.0 on NT 4.0 your upgrade path is Exchange Server 2000 on Windows 2000 Server. And you'll probably need new hardware too.

Apart from spending load'sa money, what are your options?
Follow the Exchange Server link on the left for information on configuring Exchange Server 5.0 to block the spammers by restricting access to known IP addresses. It's not ideal but it will frustrate the spammers. Unfortunately it may frustrate your users as well.
And follow the server link for information on configuring the mail servers to provide a public interface for your system while keeping Exchange Server for internal use.