Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Configuring mail server to prevent "spoofing" of internal mail addresses.

Posted on 2006-10-27
4
Medium Priority
?
1,263 Views
Last Modified: 2010-08-05
My company just went through an internal vulnerability assessment and one of the recommendations was to configure our 2003 Standard mail server (not exchange-it's for internal use only --employee and application notifications-- and not external email) to prevent someone from the inside telnetting to port 25 and using the helo command to "spoof" an employees email address to send mail to other employees. I am not finding a way to do this at all. Any help would be greatly appreciated, this is driving me insane :) I have to come up with a response for this other than "this is a serious problem?"
0
Comment
Question by:dshaney
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 17

Accepted Solution

by:
BudDurland earned 2000 total points
ID: 17822953
I don't think it can be done.

The first part of an SMTP conversation is the user can pretty much enter any e-mail address they want as the 'sender' (which, by the way, doesn't have to be anything like the e-mail address in the "From:" line in the message body.  

I think you can configure the server to only accept mail from a specific domain -- that is, the given e-mail address has to end in '@mycompnay.com'.

The fastest solution might be to turn on SMTP authentication, and it will force the user to identify themselves with an account name and password.  Depending on the type of authentication, the password is send over the wire encrypted -- very hard for a telnet user to duplicate.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17825392
When I get "recommendations" such as this I like to ask the company making the recommendations how that should be done. It looks like one of those things where they cannot find anything else to complain about, but most complain about something.

The only way that you could do that would be to use a spam filter to block email messages from your own domain unless authenticated. However that will stop any of the "Send to a friend" type scripts you see on web pages and could also impact other services you may run that send you email.

Simon.
0
 

Author Comment

by:dshaney
ID: 17880862
Yes,

Using SMTP authentication fixes the basic problem. Unfortunately, some application notifications do not offer the ability to authenticate. I see no way to work around that, so I'm going to reply that it is an acceptable risk for us and that those types of emails can be tracked to the source ip, etc...

Thanks for the help :)
0
 

Expert Comment

by:MelittaChickadee
ID: 22611781
How do you track down the IP Addr ?
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I didn’t use eM Client for long when I decided to swap to Outlook 2016. The reason for the switch is that it started asking for payment to continue some of its services after one month.   The problems I faced when I didn’t pay were:   I was not …
We aren’t perfect, just like everyone else.  Check out the email errors our community caught and learn the top errors every email marketer should avoid.
The purpose of this video is to demonstrate how to set up Lists in Mailchimp. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mailchimp account. : Click on Lists. Click on Create List Button : Choose the desi…
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question