I have a W2K IIS Box in my DMZ that accepts mail inbound for our company and
also acts as a smart host to relay mail outbound. Inside we have Exchange
2000 Server. My question is whether the W2K server can be configured to not
accept commands for cc or bcc when they originate from outside our network?
I think that the base problem is that spammers create an email address to
wrongname@mydomain.com and then put 1000s of addresses in the bcc and then
use their spam software to connect directly to the DMZ server. The server
does what it is supposed to because it accepts an email addressed properly to
the mydomain that it services. However, it also seems that it distributes
the 1000s of spam for them at the same time. This is just a guess as to how
they are doing it, but my clues come from the border server generating NDRs
that are from emails sent to addresses overseas etc. I have read all of the
configuration articles on MS about how to configure our DMZ server and it
passes the relay test when they are applied from multiple outside services.
Does the IIS service have any capabilities to regulate what occurs based on
the direction of flow of the mail? Does it have any ability to restrict the
cc and bcc functionality? I assume that the first SMTP server is responsible
for to, cc and bcc distribution, is that correct? Thanks for any help anyone
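
Added example, not part of the original post: in SMTP, cc and bcc addresses reach the server as additional `RCPT TO` envelope recipients, so a relay restriction is decided per recipient and per connecting client. The sketch below audits a constructed session; the local domain, the internal range `10.0.0.0/8`, and all function names are assumptions for illustration.

```python
import ipaddress

# Assumed values for illustration (not taken from the original post).
LOCAL_DOMAINS = {"mydomain.com"}
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]


def is_internal(client_ip):
    """True when the connecting client is inside the assumed internal range."""
    ip = ipaddress.ip_address(client_ip)
    return any(ip in net for net in INTERNAL_NETS)


def rcpt_decision(client_ip, rcpt):
    """Reply a relay-restricted server gives to a single RCPT TO."""
    domain = rcpt.rsplit("@", 1)[-1].lower()
    # Outside clients may only address local domains; inside clients may relay.
    if domain in LOCAL_DOMAINS or is_internal(client_ip):
        return "250 OK"
    return "550 5.7.1 Unable to relay"


def audit_session(client_ip, transcript):
    """Split the RCPT TO lines of a client transcript into (accepted, refused)."""
    accepted, refused = [], []
    for line in transcript.splitlines():
        line = line.strip()
        if not line.upper().startswith("RCPT TO:"):
            continue
        parts = line[8:].split()  # drop any ESMTP parameters after the address
        if not parts:
            continue
        addr = parts[0].strip("<>")
        ok = rcpt_decision(client_ip, addr).startswith("250")
        (accepted if ok else refused).append(addr)
    return accepted, refused


# Constructed session: one local recipient plus two outside recipients, which is
# how a message with many bcc addresses looks on the wire.
SAMPLE = """\
MAIL FROM:<sender@example.net>
RCPT TO:<wrongname@mydomain.com>
RCPT TO:<user1@example.org>
RCPT TO:<user2@example.org> NOTIFY=NEVER
DATA
"""

if __name__ == "__main__":
    print(audit_session("203.0.113.5", SAMPLE))  # outside client
    print(audit_session("10.1.2.3", SAMPLE))     # inside client
```
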