Does In-Place Upgrade of Microsoft Exchange Create Open Relays?

Over the past few months, we have seen a significant and steady increase in the number of open relay MTAs that are running Microsoft Exchange. In every case where we have been able to talk to someone at the organization running the open relay, the universal comment is "Our network consultant just upgraded our mail system."

Since we are not an Exchange user, Microsoft will not discuss the issue with us. However, we have been able to talk to a few "network consultants" and the problem appears to occur when an existing (and secure) version of Exchange is upgraded in-place on the same host. We have been told that the problem is occurring on upgrades of Exchange 5.x to Exchange 2000, and Exchange 2000 to Exchange 2000 Service Pack 3.

Apparently, either of these two upgrades will cause a previously secure version of Exchange to become an open relay that must be manually closed.

One person also told us that they were told that the "Exchange 2000 Post-Service Pack 3 (SP3) Rollup Patch 6396.1" was supposed to fix the problem, but they had not tried to find and apply the patch ,and did not know anyone who had used it.

Does anyone have any specific details on this problem?

Thanks in advance!

Jon R. Kibler
A.S.E.T., Inc.
Charleston, SC USA