locked
Ms-Exch-SMTP-Accept-Any-Sender with spam filter RRS feed

  • Question

  • We are having a problem with our spam filter sending digest emails to nonexistent users. The Administator@domain.com box is filling up with these undeliverable digest emails.

    What we suspect is that outside people are sending email to users that do not exist. The spam filter sees the email as spam and puts it into quarantine. Then it attempts to send a digest email to this nonexistent user and we get an internal bounce.

    After talking with the spam filter vendor we have determined that the spam filter is relying on exchange to tell it if a mailbox exists or not to accept email for (the email hits the spam filter first before going to exchange)

    The spam filter vendor has recommended we remove the mx-exch-smtp-accept-any-sender to prevent email being accepted by the spam filter for non existent email boxes.

    I am wondering how we go about doing that. We basically want the ability for exchange to reject any email that does not correspond to an active mailbox in the domain.

    Tuesday, October 11, 2011 5:14 PM

Answers

  • http://www.jjclements.co.uk/2010/09/23/exchange-2010-recipient-filtering-on-a-hub-transport-server/

     

    this is the answer.

    • Marked as answer by cyr0nk0r Tuesday, October 11, 2011 10:41 PM
    Tuesday, October 11, 2011 10:41 PM

All replies

  • On Tue, 11 Oct 2011 17:14:23 +0000, cyr0nk0r wrote:
     
    >We are having a problem with our spam filter sending digest emails to nonexistent users. The Administator@domain.com box is filling up with these undeliverable digest emails.
    >
    >What we suspect is that outside people are sending email to users that do not exist. The spam filter sees the email as spam and puts it into quarantine. Then it attempts to send a digest email to this nonexistent user and we get an internal bounce.
    >
    >After talking with the spam filter vendor we have determined that the spam filter is relying on exchange to tell it if a mailbox exists or not to accept email for (the email hits the spam filter first before going to exchange)
     
    The spam filter can't do LDAP queries against the AD? Ten years ago
    that wouldn't be surprising, but not today.
     
    >The spam filter vendor has recommended we remove the mx-exch-smtp-accept-any-sender to prevent email being accepted by the spam filter for non existent email boxes.
     
    That permission isn't enabled by default. Setting it would bypass the
    sender address spoof checking.
     
    Why not just enable recipient filtering on the Exchange server and
    have it reject any addresses not found in the AD? I'd still prefer to
    have the security appliance manage that, though.
     
    I think your OEM is a bit ill-informed, perhaps even about their own
    product!
     
    >I am wondering how we go about doing that. We basically want the ability for exchange to reject any email that does not correspond to an active mailbox in the domain.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Tuesday, October 11, 2011 7:41 PM
  • Why not just enable recipient filtering on the Exchange server and
    have it reject any addresses not found in the AD? I'd still prefer to
    have the security appliance manage that, though.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Great, sounds great. How would we go about setting that up. As long as our spam filter gets a rejection from exchange if a particular mailbox doesn't exist then the spam filter wont accept email for that box at all which will prevent the spam from going into quarantine for a non existent box.
    Tuesday, October 11, 2011 9:35 PM
  • On Tue, 11 Oct 2011 21:35:16 +0000, cyr0nk0r wrote:
     
    >>Why not just enable recipient filtering on the Exchange server and have it reject any addresses not found in the AD? I'd still prefer to have the security appliance manage that, though. --- Rich Matheisen MCSE+I, Exchange MVP
    >>--- Rich Matheisen MCSE+I, Exchange MVP
     
    >Great, sounds great. How would we go about setting that up. As long as our spam filter gets a rejection from exchange if a particular mailbox doesn't exist then the spam filter wont accept email for that box at all which will prevent the spam from going into quarantine for a non existent box.
     
    Have you looked for "recipient filtering" in the EMC "help"? Or a
    search engine?
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Tuesday, October 11, 2011 9:42 PM
  • [PS] C:\windows\system32>set-recipientfilterconfig -enabled $true

    WARNING: The command completed successfully but no settings of 'RecipientFilterConfig' have been modified.

    [PS] C:\windows\system32>

     

    http://technet.microsoft.com/en-us/library/bb125187.aspx

     

    Our exchange server has all roles on 1 box.


    • Edited by cyr0nk0r Tuesday, October 11, 2011 10:07 PM
    Tuesday, October 11, 2011 10:07 PM
  • http://www.jjclements.co.uk/2010/09/23/exchange-2010-recipient-filtering-on-a-hub-transport-server/

     

    this is the answer.

    • Marked as answer by cyr0nk0r Tuesday, October 11, 2011 10:41 PM
    Tuesday, October 11, 2011 10:41 PM