Foreign IP's Hitting NAT ip address of Exchange 2019 Server

Copper Contributor

All my exchange mail boxes on my Exchange 2019 Server have been migrated to Office 365 in the Cloud.  The on-prem Exchange Server is basically there for AD replication to Office 365 -  I have AD Connect running as well.  The Exchange Server's ip is NAT'd to interface to the world.   I also have a separate Windows SMTP Server that is running Micosoft SMTP Services and it also NAT'd to the world to send and receive SMTP mail.  Right now the following ports are opened on the Exchange Server's side to the world:   HTTP,HTTPS,IMAP,IMAPS,POP3S,SMTP,SMTPS.  The issue I am seeing is that my Exchange Server from the outside world is getting hit with tons of SMTP Receive errors from foreign IP's  - all over the world.  I am trying to stop even thought the Exchange Server is has  pretty small footprint, I know that it is vulnerable to attacks - especially ransomeware.   Would greatly appreciate some feed back - should I shut down the SMTP port access from the outside or just shutdown all access to the Exchange Server from the outside?  Thank you!.  

0 Replies