Today, we will guide you on how to disable SMTP Open Relay from IIS.
SMTP Open Relay
SMTP open mail relay allows anyone on the internet to send an email through a mail relay. This means it can be used by spammers as well. As the inbound SMTP port (25) to your machine is open to the internet, an open relay is enabled as well, and anyone can use it to send emails.
In order to disable SMTP Open Relay from the IIS, you need to perform the following steps.
1. Click on the Start Button located on the bottom left side of the screen.
2. Then, click on the search icon on the screen's upper right side.
3. Once you click on it, a search box will appear.
4. Type IIS on it. By typing it, you will get the Internet Information Service (IIS) 6.0 Manager below the search box. Select it and click on it to open.
5. Once you click on it, a new window will be opened with the name Internet Information Service (IIS) 6.0 Manager.
6. Go to the left side of the screen and click on the arrow sign.
7. By clicking on it, the SMTP Virtual Server #1 option will appear.
8. Right-click on it and select the Properties option from the drop-down list.
9. Once you click on it, a new window will be opened with the name SMTP Virtual Server #1 Properties.
10. Go to the Access tab and click on the Authentication option.
11. By clicking on it, a new window will be opened with the name Authentication. Make sure that the anonymous access option should be unchecked (disabled). Using Basic and Integrated Windows authentication is fine. Also, set the default domain to your internal Windows domain.
12. Click on the Okay button to save the settings.
13. Click on the Relay button on the SMTP Virtual Server #1 Properties window.
14. Once you click on it, a new window will be opened with the name Relay Restrictions.
15. Under Select which computer may relay through this virtual server section, select the radius button. Only the list below to relay and only those IPs that are listed will be able to send through the server.
Also, make sure that the check box allows all computers that successfully authenticate to relay regardless of the above list is selected. You can also add your server or system IP address to the list, but it is less safe and not recommended in most situations. If the server is not authenticated, then you will need to add their IP address to the list.
16. Click on the Okay button to save the setting and close the Relay Restrictions window.
17. Again, click on the Okay button to save the changes and close the SMTP Virtual Server #1 Properties window. That's all.