• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 230
  • Last Modified:

mydomain@mydomain.com

Some from outside was able to send an email to all my email recipients. How? He sent it to mydomain@mydomain.com.  I notice that whenever you create a distribution list in Exchange (Global Address List), an SMTP address is created. Basically, if someone send an email to that address, it'll be sent to all recipient in that list.

1) Is this by default in Exchange 5.5 ?
2) This is certainly a security issue. Why didn't spammers use it before?
3) Can I safely remove all email addresses (SMTP, CCMAIL, X400) from that list?

0
8mathieu8
Asked:
8mathieu8
  • 2
  • 2
1 Solution
 
What90Commented:
8mathieu8 -

1) If you set up SMTP addresses every user and group with have an automatic SMTP address

2) They do, but they have to find or get the group address first.

3) Yes you can. Exchange has it's own routing naming standard as explained below:
http://www.techtutorials.com/tutorials/exchange/message_routing.shtml


You may want to check your security setting and check that your not a open relay either, just to be safe:
http://www.tek-tips.com/gfaqs.cfm/lev2/3/lev3/15/pid/10/fid/3570
http://www.msexchange.org/tutorials/Preventing_Third_Party_Relaying_In_MS_Exchange_Server_55.html


0
 
8mathieu8Author Commented:
Good that answers my questions!

I did protect my mail server a way ago against relay.  But there is still one thing that is odd. I see about a 100 messages a day in "Outbound messages awaiting delivering" with "<>" as the originator and strange unknown address as recipient.  I was told that this is normal.  
I still feel that those message shouldn't be the the Queue.
0
 
8mathieu8Author Commented:
Oups...one problem, now I can't send to that list anymore after removing all info in email addresses (SMTP, CCMAIL, X400).
I tried to recreate the SMTP address but it doesn't work.

I don't want to have to recreate the list!
0
 
What90Commented:
That's odd ... Re-add the X400 address only and retry to send to that list again.

The CCMAIL and SMTP address should only be relevent if they have a use, i.e. if someone was sending to that email address with that type of system.
0

Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now