Security Basics mailing list archives

Securing SMTP service on Exchange 2k/2k3


From: Random Task <rand0m_t4sk () yahoo com>
Date: Fri, 23 Jan 2004 08:55:47 -0800 (PST)

Good day,

I've two clients, one running Exchange 2000, the other Exchange 2003.
Both servers have port 25 open to the net (for obvious reasons). If
one telnets to either server, it will not relay email if it appears
to come from someone inside to someone outside, and will not relay
from outside coming in. Both of these points are good.

What it will do, and the problem I'd like suggestions for, is allow
email from a valid or invalid internal address to a valid internal
email address.

For example, I log in to mail.client-name-here.com, and have the
following exchange:
helo domain.com
250 mail.client-name-here.com Hello [My IP], pleased to meet you
mail from: fake-account () client-name-here com
250 2.1.0 fake-account () client-name-here com... Sender ok
rcpt to: real-account () client-name-here com
250 2.1.5 real-account () client-name-here com... Recipient ok
<message goes here>
.
250 2.0.0 <msg id> Message accepted for delivery

What I want to have happen is have this be rejected because
fake-account is not a valid account. Could I require SMTP AUTH in
Exchange? Would that solve this problem? Has anyone encountered
another solution to this?
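
The condition described in the post, as an added example that is not part of the original message: a Python check that walks an SMTP session transcript and reports senders that claimed a local domain and were accepted for delivery without a successful AUTH. The `C:`/`S:` transcript format, the `client.example` domain and the function name are assumptions made for illustration.

```python
import re

# Assumption: the domains this server accepts mail for (placeholder value).
LOCAL_DOMAINS = {"client.example"}

# Constructed transcript shaped like the session in the post ("C:" client, "S:" server).
SAMPLE = """\
C: HELO outside.example
S: 250 mail.client.example Hello
C: MAIL FROM:<fake-account@client.example>
S: 250 2.1.0 Sender ok
C: RCPT TO:<real-account@client.example>
S: 250 2.1.5 Recipient ok
C: DATA
S: 354 Start mail input
C: Subject: test
C: .
S: 250 2.0.0 Message accepted for delivery
"""

ADDR = re.compile(r"<([^<>\s@]+@([^<>\s@]+))>")

def find_spoofed_local_senders(transcript, local_domains=LOCAL_DOMAINS):
    """Return senders that claimed a local domain and were accepted without SMTP AUTH."""
    findings, authed, sender, domain = [], False, None, None
    last_cmd, in_data = "", False
    for line in transcript.splitlines():
        side, _, text = line.partition(": ")
        text = text.strip()
        if side == "C":
            if in_data and text != ".":
                continue                      # message body, not a command
            last_cmd = text
        elif side == "S":
            code, cmd = text[:3], last_cmd.upper()
            if code == "235":                 # 235 is only sent for a successful AUTH
                authed = True
            elif cmd.startswith("MAIL FROM") and code == "250":
                m = ADDR.search(last_cmd.lower())
                sender, domain = (m.group(1), m.group(2)) if m else (None, None)
            elif cmd == "DATA" and code == "354":
                in_data = True
            elif cmd == "." and in_data:      # reply to end-of-data decides acceptance
                in_data = False
                if code == "250" and not authed and domain in local_domains:
                    findings.append(sender)
                sender = domain = None
    return findings

if __name__ == "__main__":
    print(find_spoofed_local_senders(SAMPLE))
```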
