Avoid fake email accounts
Hello, I have configured MS Exchange 2007. I have just noticed that by doint telnet my.mail.server.com 25, anybody can connects to my mail server and send emails from fake accounts (say EMAIL GONE) to real accounts of my organization.
The question is, how can avoid this? does it have to do with Anonymous connection?
Thanks in advance,
John
Answers
SMTP from the Internet requires Anonymous connection.
My guess is (might be wrong), you have no Edge Server or other SMTP device protecting against spam in front of your Exchange server. If so, you should investigate the anti-spam agents you can run on the Hub Transport role:
With a default installation, you find two PowerShell scripts here:
C:\Program Files\Microsoft\Exchange Server\Scriptsinstall-AntispamAgents.ps1 (run this script to install the agents)
uninstall-AntispamAgents.ps1 (does what it says)
These agents will be installed (a subset of the agents on an Edge Server):Connection Filtering Agent
Content Filter Agent
Sender Id Agent
Sender Filter Agent
Recipient Filter Agent
Enable Anti-Spam Functionality on a Hub Transport Server
http://technet.microsoft.com/en-us/library/bb201691(EXCHG.140).aspxManaging Anti-Spam and Antivirus Features
http://technet.microsoft.com/en-us/library/cc501401.aspxAnti-Spam Connection Filtering when installed on Hub servers and other AS configuration misunderstandings
http://msexchangeteam.com/archive/2008/06/23/449070.aspx
Jon-Alfred Smith MCTS: Messaging | MCSE: S+M- Marked As Answer byAllen SongMSFT, ModeratorFriday, October 23, 2009 8:02 AM
- Proposed As Answer byAllen SongMSFT, ModeratorMonday, October 19, 2009 7:31 AM
- That's the way SMTP works. Anyone can send you a spoofed email. Spammers do it all the time.
You could implement Sender ID functionality ( See Jon-Alfred's post) to help mitigate that, but you cant prevent it 100%.- Marked As Answer byAllen SongMSFT, ModeratorFriday, October 23, 2009 8:02 AM
- Proposed As Answer byAllen SongMSFT, ModeratorMonday, October 19, 2009 7:27 AM
- Hi,
Additionally, you also need to do the below operations.
HOW TO: Prevent annoying spam from your own domain
http://exchangepedia.com/blog/2008/09/how-to-prevent-annoying-spam-from-your.html
Thanks
Allen- Marked As Answer byAllen SongMSFT, ModeratorFriday, October 23, 2009 8:02 AM
All Replies
SMTP from the Internet requires Anonymous connection.
My guess is (might be wrong), you have no Edge Server or other SMTP device protecting against spam in front of your Exchange server. If so, you should investigate the anti-spam agents you can run on the Hub Transport role:
With a default installation, you find two PowerShell scripts here:
C:\Program Files\Microsoft\Exchange Server\Scriptsinstall-AntispamAgents.ps1 (run this script to install the agents)
uninstall-AntispamAgents.ps1 (does what it says)
These agents will be installed (a subset of the agents on an Edge Server):Connection Filtering Agent
Content Filter Agent
Sender Id Agent
Sender Filter Agent
Recipient Filter Agent
Enable Anti-Spam Functionality on a Hub Transport Server
http://technet.microsoft.com/en-us/library/bb201691(EXCHG.140).aspxManaging Anti-Spam and Antivirus Features
http://technet.microsoft.com/en-us/library/cc501401.aspxAnti-Spam Connection Filtering when installed on Hub servers and other AS configuration misunderstandings
http://msexchangeteam.com/archive/2008/06/23/449070.aspx
Jon-Alfred Smith MCTS: Messaging | MCSE: S+M- Marked As Answer byAllen SongMSFT, ModeratorFriday, October 23, 2009 8:02 AM
- Proposed As Answer byAllen SongMSFT, ModeratorMonday, October 19, 2009 7:31 AM
- I am not sure how did you tests it. If you are trying to avoid Open relay then you need to test by below method and also make sure your server is not acting as open relay
Nice step by step artice to check the same
Are you an Open Relay?
Vinod |CCNA|MCSE 2003 +Messaging|MCTS|ITIL V3| - That's the way SMTP works. Anyone can send you a spoofed email. Spammers do it all the time.
You could implement Sender ID functionality ( See Jon-Alfred's post) to help mitigate that, but you cant prevent it 100%.- Marked As Answer byAllen SongMSFT, ModeratorFriday, October 23, 2009 8:02 AM
- Proposed As Answer byAllen SongMSFT, ModeratorMonday, October 19, 2009 7:27 AM
- Hi,
Additionally, you also need to do the below operations.
HOW TO: Prevent annoying spam from your own domain
http://exchangepedia.com/blog/2008/09/how-to-prevent-annoying-spam-from-your.html
Thanks
Allen- Marked As Answer byAllen SongMSFT, ModeratorFriday, October 23, 2009 8:02 AM
- Thank you very much for your answers.
Now it's clear.
