Exchange Server 2003: Why some users are receiving Junk emails from their own email addresses?
Answers
Hi,
If you are able to identify that the message is received from Internet, as Alexander indicated, the Internet user forged your email address and sent an email to you. You can consider the following method to fix the issue.
For Exchange 2003, you can disable the function by using following method:
1. Configure Sender Filtering by adding your domain such as *@yourdomain.com
2. Enable the Sender Filtering on the SMTP VS which used to receive the external email
Note: After applying the filter, the authenticated user cannot send email through the SMTP VS either, You need to add a new SMTP VS to receive email for authenticated user. You can disable anonymous user on the new SMTP VS.
For Exchange 2007, we can simply run the following command to remove the ms-exch-smtp-accept-authoritative-domain-sender right for the Anonymous user on the receive connector which used to receive external email.
Get-ReceiveConnector "ReceiveConnector" | Get-ADPermission -user "NT AUTHORITY\Anonymous Logon" | where {$_.ExtendedRights -like "ms-exch-smtp-accept-authoritative-domain-sender"} | Remove-ADPermission
Mike
- Marked As Answer byMike ShenMSFT, ModeratorFriday, December 19, 2008 5:49 AM
All Replies
Hi,
1. Please review the message tracking log or the message header of the junk email to check where the message is received. Whether the message is received from your internal server or through external smtp server.
2. Please check how the sender address is displayed in Outlook:
From: First_nameLast_name
Or
From: First_nameLast_Name [first_name.last_name@domain.com]
3. Please check whether the “Resolve anonymous e-mail” option has been selected:
Mike
99.99% the answer is: Spoofing
Spammers are setting the same address for both the sender and recipient.
IMF Tune - Unleash the Full Intelligent Message Filter Power - http://www.windeveloper.com/imftune/Hi,
If you are able to identify that the message is received from Internet, as Alexander indicated, the Internet user forged your email address and sent an email to you. You can consider the following method to fix the issue.
For Exchange 2003, you can disable the function by using following method:
1. Configure Sender Filtering by adding your domain such as *@yourdomain.com
2. Enable the Sender Filtering on the SMTP VS which used to receive the external email
Note: After applying the filter, the authenticated user cannot send email through the SMTP VS either, You need to add a new SMTP VS to receive email for authenticated user. You can disable anonymous user on the new SMTP VS.
For Exchange 2007, we can simply run the following command to remove the ms-exch-smtp-accept-authoritative-domain-sender right for the Anonymous user on the receive connector which used to receive external email.
Get-ReceiveConnector "ReceiveConnector" | Get-ADPermission -user "NT AUTHORITY\Anonymous Logon" | where {$_.ExtendedRights -like "ms-exch-smtp-accept-authoritative-domain-sender"} | Remove-ADPermission
Mike
- Marked As Answer byMike ShenMSFT, ModeratorFriday, December 19, 2008 5:49 AM
- <!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4; mso-font-charset:1; mso-generic-font-family:roman; mso-font-format:other; mso-font-pitch:variable; mso-font-signature:0 0 0 0 0 0;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4; mso-font-charset:0; mso-generic-font-family:swiss; mso-font-pitch:variable; mso-font-signature:-1610611985 1073750139 0 0 159 0;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {mso-style-unhide:no; mso-style-qformat:yes; mso-style-parent:""; margin-top:0in; margin-right:0in; margin-bottom:10.0pt; margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} .MsoChpDefault {mso-style-type:export-only; mso-default-props:yes; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin;} .MsoPapDefault {mso-style-type:export-only; margin-bottom:10.0pt; line-height:115%;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in; mso-header-margin:.5in; mso-footer-margin:.5in; mso-paper-source:0;} div.Section1 {page:Section1;} -->
Rid of those pesky bugs you pick when surfing the net.
One of the first things that I learned when I got my new computer was that if you own a PC then you better have a good antispyware scanner to help get rid of those pesky bugs you pick when surfing the net. Otherwise, your computer won’t keep running like new for very long. It will begin to slow down and eventually get so sluggish you won’t even be able to use it. I tried a variety of different scans before I ran across Search-and-destroy Antispyware at http://www.Search-and-destroy.com . So far I have been very happy with the antispyware solution from Search-and-destroy and very glad that I gave it a try.
For Exchange 2007, we can simply run the following command to remove the ms-exch-smtp-accept-authoritative-domain-sender right for the Anonymous user on the receive connector which used to receive external email.
Get-ReceiveConnector "ReceiveConnector" | Get-ADPermission -user "NT AUTHORITY\Anonymous Logon" | where {$_.ExtendedRights -like "ms-exch-smtp-accept-authoritative-domain-sender"} | Remove-ADPermission
Where is this run from? Hub Transport? Can someone provide a step-by-step to perform the above operation?
Can this be cut-and-pasted as typed above or do you have to add your own settings?
Thank you in advanced!!!- This is run from the Exchange 2007 Power Shell
