Announcement

Collapse
No announcement yet.

Internal mail security - smtp port

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Internal mail security - smtp port

    Ive been investigating how you would correctly setup your mail system if for example you didnt have a service from an external provider and you managed your mail security in house.

    With port 25 being open as you would need it to be (or a port rule setup if you had a service dealing with your mail) how would you stop someone from telnetting into your mail server and spoofing an email from someone inside your organisation to other members of your organisation?

    Would you have an edge server which holds mail and then drops it according to valid address's? And for products such as the sophos email appiance?

    cheers

    So Ive found how the Sophos application deals with it - with a policy. But what about if a company had an SBS or just exchange with the integrated spam filtering
    Last edited by 5habbaranks; 5th July 2012, 16:14. Reason: Update..

  • #2
    Re: Internal mail security - smtp port

    You can just restrict relaying in your Exchange server.
    In terms of the Sophos mail appliance, that can be just setup as an upstream mail relay server and route e-mail in and out amongst other things.
    Caesar's cipher - 3

    ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

    SFX JNRS FC U6 MNGR

    Comment


    • #3
      Re: Internal mail security - smtp port

      The mail server we use (Mercury/32), has controls in place that prevent this happening. If you are outside the network mail cannot be received/sent without authorisation.
      A recent poll suggests that 6 out of 7 dwarfs are not happy

      Comment


      • #4
        Re: Internal mail security - smtp port

        We have a couple of customers with Sophos appliances, and we put them in a perimeter network if the firewall. SMTP from the internet is only allowed to the appliance, so a Telnet from the internet will hit the appliance. Only clean email goes to the internal network, and email being routed to the internet also uses the appliance as a smart host even before it goes to the ISP smart host.

        Pretty sure that Exchange 2007 and higher does not allow relaying of the email domain it is authoritative for from outside the local subnet by default. If it does there's a powershell command that I've used in the past to stop it.

        Here's the link
        http://exchangepedia.com/2008/09/how...wn-domain.html
        Last edited by cruachan; 16th July 2012, 12:02. Reason: Added Link
        BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
        sigpic
        Cruachan's Blog

        Comment


        • #5
          Re: Internal mail security - smtp port

          Thanks guys, the test in question related to configuring the Sophos server correctly which was done and now seems to work ok.

          It was more investigating rather than implementing here as we restruct smtp to our mail security company.

          Comment

          Working...
          X