Exchange 2007 w/SP1...I'm having an issue where anyone can telnet to port 25, make up a bogus mail from email endingin my domain (ex. bogus@mydomain.com) and send that to any real internal mailbox (ex. real@mydomain.com). How do I restrict that? I have 2 recieve connectors (an Internal and an Internet).

This is the nature of SMTP, and does not mean you are an open relay. There are many ways to prevent this type of spam, but spf records might be worth looking into. http://microsoft.com/senderid

Hi Jonathan, Please understand that if an email is sent to your internal mailbox, it is not considered as relay email. Only an email is sent to an Internet email address, it is a relay email. If your SMTP server receive and transmit an email which is sent to an Internet email address without requiring authentication, the SMTP server is considered as an open relay server. Mike