Solved

mydomain@mydomain.com

Posted on 2004-04-07
4
194 Views
Last Modified: 2010-03-05
Some from outside was able to send an email to all my email recipients. How? He sent it to mydomain@mydomain.com.  I notice that whenever you create a distribution list in Exchange (Global Address List), an SMTP address is created. Basically, if someone send an email to that address, it'll be sent to all recipient in that list.

1) Is this by default in Exchange 5.5 ?
2) This is certainly a security issue. Why didn't spammers use it before?
3) Can I safely remove all email addresses (SMTP, CCMAIL, X400) from that list?

0
Comment
Question by:8mathieu8
  • 2
  • 2
4 Comments
 
LVL 20

Accepted Solution

by:
What90 earned 500 total points
ID: 10775132
8mathieu8 -

1) If you set up SMTP addresses every user and group with have an automatic SMTP address

2) They do, but they have to find or get the group address first.

3) Yes you can. Exchange has it's own routing naming standard as explained below:
http://www.techtutorials.com/tutorials/exchange/message_routing.shtml


You may want to check your security setting and check that your not a open relay either, just to be safe:
http://www.tek-tips.com/gfaqs.cfm/lev2/3/lev3/15/pid/10/fid/3570
http://www.msexchange.org/tutorials/Preventing_Third_Party_Relaying_In_MS_Exchange_Server_55.html


0
 

Author Comment

by:8mathieu8
ID: 10775716
Good that answers my questions!

I did protect my mail server a way ago against relay.  But there is still one thing that is odd. I see about a 100 messages a day in "Outbound messages awaiting delivering" with "<>" as the originator and strange unknown address as recipient.  I was told that this is normal.  
I still feel that those message shouldn't be the the Queue.
0
 

Author Comment

by:8mathieu8
ID: 10776465
Oups...one problem, now I can't send to that list anymore after removing all info in email addresses (SMTP, CCMAIL, X400).
I tried to recreate the SMTP address but it doesn't work.

I don't want to have to recreate the list!
0
 
LVL 20

Expert Comment

by:What90
ID: 10779307
That's odd ... Re-add the X400 address only and retry to send to that list again.

The CCMAIL and SMTP address should only be relevent if they have a use, i.e. if someone was sending to that email address with that type of system.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now