Announcement

Collapse
No announcement yet.

Stoping malicious email sent from inside domain to outside using all in one server.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Stoping malicious email sent from inside domain to outside using all in one server.

    Hi All,

    When I do a simple test of telnet to my mail server, i just realize that it allows me to send email like this scenario:

    from inside to outside: [email protected] to [email protected]
    from inside to inside: [email protected] to [email protected] (while sending in fake payrise email to myself )

    how to make the sen connector more secure by not allowing those attack ?

    here's what I've done:

    Using: http://www.mxtoolbox.com/diagnostic.aspx
    from the test I've found that the reverse DNS is not correct
    Reverse DNS FAILED! This is a problem.

    When i query the send queue using get-message I've found that the
    MessageSourceName = SMTP:Receive Connector
    SourceIP = My Own Smarthost IP

    I've also created SPF record for this cause and for the smtp authentication (Receive connector authentication)

    1. Transport Layer Security
    2. Basic Authentication
    3. Exchange Server authentication
    4. Integrated Windows authentication
    5. Externally Secured (for example, with IPsec).

    all of them left unchecked.

    Any idea would be appreciated.

    Thanks,
    ________
    herbalaire vaporizer
    Last edited by Albertwt; 21st January 2011, 11:18.

  • #2
    Re: Stoping malicious email sent from inside domain to outside using all in one serve

    Problem 1 (Inside to outside): You could create a transport rule that will deny addresses not from your domain.

    Problem 2 (Inside to inside): Within Server configuration -> hub transport. You can create a seperate receive connector for inside your domain and outside. For inside you can setup the connector to require authentication, therefore anything with your ip range will be filtered, and then anything outside your ip range will still be allowed in.

    Comment


    • #3
      Re: Stoping malicious email sent from inside domain to outside using all in one serve

      Thanks for the reply Bob,

      The solution for number 1 has been tested and works like a charm.
      but number 2, hasn't tried that one yet

      Comment


      • #4
        Re: Stoping malicious email sent from inside domain to outside using all in one serve

        Alright!!
        Let us know if that works

        Comment

        Working...
        X