WINDOWS 2000 SERVER
One of the ways you can prevent relay through the internal SMTP server is to require authentication between the external server running the SMTP service and the internal server. By requiring authentication at the internal server, you help eliminate the possibility that unauthorized users --- including those inside your organization--will use the internal server for relaying or spamming.
To secure a connection between servers, start by configuring the SMTP service on the external server to use the appropriate authentication method for outgoing connections. Follow these steps:
the IIS console, and connect to the external server.
3. On the Delivery tab, click Outbound Security, and choose Windows Security Package.
4. Enter the username and password from the internal server that the system will use to authenticate the connection, and click OK.
5. Click Advanced, and enter the fully qualified domain name (FQDN) of the internal server in the Smart Host field. If you specify an IP address instead of an FQDN, enclose the address in square brackets, such as [192.168.0.4].
6. Deselect the Attempt Direct Delivery Before Sending To Smart Host option, click OK, and click OK to close the server's properties.
7. Configure the internal server to require authentication, and configure it for Windows authentication.
Configuring the connection in this way doesn't secure the e-mail system by itself; it simply secures the connection to the internal server and helps prevent unauthorized access to the internal server. You should still take steps to secure the external server to prevent unauthorized relay.