How does one go about setting up a mailserver safe from spam relay, but can still send email to all other domains? It is possible right? I've been scouring the internet and testing on my server but it seems as though there is only open relay (can relay to all domains), or closed relay (can only relay for your domain). No in between. I've been testing UNIX sendmail, UNIX Qmail, and Microsoft Exchange 2000 and it's all the same. Im currently trying to make Microsoft Exchange 2000 work. It can receive mail from any domain, but cant send mail anywhere. I was also wondering what you might think about placing the mail server behind a firewall (not in DMZ) so it can only be accesses internally, and by VPN users remotely. But If I do this, how will mail sent to my domain reach the server if it's not in the DMZ? Thanks

Specificlly, Microsoft Exchange 2000 by default does NOT allow unauthentaicated SMTP relay. Check out Microsoft Knowledge Base Article - 310380 HOW TO: Prevent Exchange 2000 from Being Used as a Mail Relay in Windows 2000 http://support.microsoft.com/default.aspx?scid=kb;en-us;Q310380 Once you've setup and configured your Exhcnage server if mail can arrive then MX records and hosts are good. If you can't send out the first thing to check is if DNS resolution is functioning. If yuu have an internal DNS server, make sure it forwards request to some DNS server outside your local LAN for resources it can resolve locally. If you're using some form of Proxy or firewall, ISA, filtering etc - make sure SMTP traffic in/out is allowed. If you put your Mail server behind a firewall (on a private non reouteable IP) in order to route SMTP port 25 traffic you need to setup something that Listens for port 25 on the Internet valid IP and then sends it the internal Private IP. Either Port address translation (PAT) or Network Address Translation (NAT) or Filtering (proxyish). All of those serve similar abilities. Go to the Exchange servers Queues and Eenumerate the Outbound messages to look at the Errors if any. This well help narrow why mail can't get out. You should be able to see the Status Like; "DNS resolution failed" or "Network Error" and so on..