• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 280
  • Last Modified:

Exchange 2007 Sender Policy Framework

Hi. We are looking at increasing our security and one of the tasks is to deny hackers that TELNET to our mail server via port 25 and send an email from a user thats on my domain to another user thats on my domain. If an hacker does this the originating IP will be external thus this must not be allowed. However, I tried changing some settings in Exchange 2007 under Receive connectors but then my emails start queing up so i had to reverse my changes. Please advise. I dont want to change port 25 nor do I want to deny telnet, i believe its IPs allowed in receive connectors that i have to change but how.Thanks
0
BSTIT
Asked:
BSTIT
  • 2
  • 2
1 Solution
 
Rajith EnchiparambilOffice 365 & Exchange ArchitectCommented:
If you are so concerned, why don't you disable telnet acces on your firewall and open it only when you need to test something?
0
 
gupnitCommented:
Hi,
Exchange 2007 is secure by default and is not an open relay, unless you make changes to it. Can you please show me some mail, that you suspect. You should not be thinking about blocking port 25, as your mail flow will be hampered.
Thanks
Nitin Gupta (gupnit)
0
 
BSTITAuthor Commented:
Hi qupnit. Let me give you an example. User A on my networks email address is userA@domain.com and User B on my network is userB@domain.com. If a hacker telnets to my exchange server on port 25 and then sends an email from userA@domain.com to userB@domain.com requesting him to transfer money urgently to a bank account. userB will not know its a hacker and will then transfer the money which is a huge security risk. We cant blcok userA email address because its valid but surely there is a way to block an email address if its an internal email address but is not from an internal Ip address
0
 
BSTITAuthor Commented:
HI All. Thanks but i found the solution. We basically added the Anti Spam Ip's to our firewall whereby we allowing only mails from these IP's over port 25. Now if i telnet from the outside to my exchange server it denies access. PERFECT....thanks
0
 
gupnitCommented:
Great
Cheers
Nitin
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now