vppsit
LDAP query to Exchange to determine valid email addresses
My ISP does spam and virus filtering for me, then relays the email to my Exchange 2003 server. This is working
great as it takes a load off my server.
They offer one more service. They can do an LDAP query to my network for valid emails,
and if it is a valid user then the mail would be forwarded to me, otherwise it would be dropped
at their server. This sounds great, but how do I make it work? Exchange itself does not answer
LDAP queries and I don't want to put a DC in the DMZ.
So can I set up an LDAP server service on a box that is visible to them and then use the firewall
so only they can query it?
Is this worth spending more time on trying to resolve?
The ISP feels that it is very worthwhile and can prevent DoS attacks.
john
Why go through all this trouble when Exchange 2003 has a feature that will drop any
connection for a user that does not exist on ur Active Directory?
ASKER
Are there any special setups required to make this work?
Does that mean Exchange does not have to process the whole email to determine that the
addressee does not exist on my system?
ASKER CERTIFIED SOLUTION
ASKER
Thanks for the info.
I have made the changes. Is there a way to test if the query is done before
receiving the entire mail?
I also blocked email with blank senders.
Well, I am not sure if I have an answer for this question... but maybe diagnostic logging,
if enabled, may be able to show what happens when a message is received for a user that does not exist on ur AD... but since the option is to drop the connection, I am sure the
message is not accepted yet, or else there would be no use in dropping the connection...
Now one more tip... u should also block ur own domain from incoming...
Under sender filtering add ur own domain... some spammers use this technique...
This is a link that explains more:
http://www.microsoft.com/technet/itsolutions/msit/deploy/cfimwiis.mspx#EGAA
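One way to check the question raised above, whether an unknown recipient is refused before any message body is sent, is to run the SMTP dialogue only as far as RCPT TO against your own server. This is an added example, not part of the original thread: `probe_rcpt`, `StubSMTP`, `demo` and the `example.test` addresses are hypothetical names, and the stub is a constructed stand-in for a server with recipient filtering enabled so the script runs offline.

```python
import smtplib
import socketserver
import threading

VALID = {"john@example.test"}  # constructed mailbox list used by the stub only

def probe_rcpt(host, port, sender, recipient, timeout=10):
    """Send HELO, MAIL FROM and RCPT TO (never DATA) and report the RCPT result."""
    smtp = smtplib.SMTP(host, port, local_hostname="probe.example.test",
                        timeout=timeout)
    try:
        smtp.helo()
        smtp.mail(sender)
        try:
            code, _ = smtp.rcpt(recipient)
        except smtplib.SMTPServerDisconnected:
            # Server dropped the connection at RCPT TO: still before DATA.
            return {"code": None, "rejected_before_data": True}
        # A 5xx reply here means the refusal happened before any body was sent.
        return {"code": code, "rejected_before_data": 500 <= code < 600}
    finally:
        smtp.close()

class StubSMTP(socketserver.StreamRequestHandler):
    """Constructed stand-in: answers 550 at RCPT TO for unknown mailboxes."""
    def handle(self):
        self.wfile.write(b"220 stub SMTP\r\n")
        for raw in self.rfile:
            line = raw.decode("ascii", "replace").strip()
            if line.upper().startswith("RCPT TO:"):
                addr = line[8:].strip().strip("<>").lower()
                reply = "250 OK" if addr in VALID else "550 5.1.1 User unknown"
            else:
                reply = "250 OK"
            self.wfile.write((reply + "\r\n").encode("ascii"))

def demo():
    """Probe one valid and one invalid address against the loopback stub."""
    with socketserver.TCPServer(("127.0.0.1", 0), StubSMTP) as srv:
        threading.Thread(target=srv.serve_forever, daemon=True).start()
        port = srv.server_address[1]
        results = [probe_rcpt("127.0.0.1", port, "tester@example.test", rcpt)
                   for rcpt in ("john@example.test", "nobody@example.test")]
        srv.shutdown()
    return results

if __name__ == "__main__":
    for result in demo():
        print(result)
```

To test a real server, call `probe_rcpt` with its host name, port 25 and one address you know does not exist in the directory.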