Does anyone know how to disable AUTH in ESMTP in exchange 2003. I have had a security consultant tell us it should be done along with ATRN,ETRN and TURN to secure our Internet facing Exchange server. I have looked at the KB article below but cannot find AUTH. Is it something that should even be done? Does anyone have a checklist for securing an Internet facing exchange server?