Solved

mydomain@mydomain.com

Posted on 2004-04-07
4
180 Views
Last Modified: 2010-03-05
Some from outside was able to send an email to all my email recipients. How? He sent it to mydomain@mydomain.com.  I notice that whenever you create a distribution list in Exchange (Global Address List), an SMTP address is created. Basically, if someone send an email to that address, it'll be sent to all recipient in that list.

1) Is this by default in Exchange 5.5 ?
2) This is certainly a security issue. Why didn't spammers use it before?
3) Can I safely remove all email addresses (SMTP, CCMAIL, X400) from that list?

0
Comment
Question by:8mathieu8
  • 2
  • 2
4 Comments
 
LVL 20

Accepted Solution

by:
What90 earned 500 total points
Comment Utility
8mathieu8 -

1) If you set up SMTP addresses every user and group with have an automatic SMTP address

2) They do, but they have to find or get the group address first.

3) Yes you can. Exchange has it's own routing naming standard as explained below:
http://www.techtutorials.com/tutorials/exchange/message_routing.shtml


You may want to check your security setting and check that your not a open relay either, just to be safe:
http://www.tek-tips.com/gfaqs.cfm/lev2/3/lev3/15/pid/10/fid/3570
http://www.msexchange.org/tutorials/Preventing_Third_Party_Relaying_In_MS_Exchange_Server_55.html


0
 

Author Comment

by:8mathieu8
Comment Utility
Good that answers my questions!

I did protect my mail server a way ago against relay.  But there is still one thing that is odd. I see about a 100 messages a day in "Outbound messages awaiting delivering" with "<>" as the originator and strange unknown address as recipient.  I was told that this is normal.  
I still feel that those message shouldn't be the the Queue.
0
 

Author Comment

by:8mathieu8
Comment Utility
Oups...one problem, now I can't send to that list anymore after removing all info in email addresses (SMTP, CCMAIL, X400).
I tried to recreate the SMTP address but it doesn't work.

I don't want to have to recreate the list!
0
 
LVL 20

Expert Comment

by:What90
Comment Utility
That's odd ... Re-add the X400 address only and retry to send to that list again.

The CCMAIL and SMTP address should only be relevent if they have a use, i.e. if someone was sending to that email address with that type of system.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Suggested Solutions

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now