Exchange 2007 Receive Connectors

Good morning,

      I have inherited an exchange 2007 server with two receive connectors setup, both using anonymous user permission groups. One connector is for SQL mail, and the other is for a custom website on my webserver. I have recently noticed SPAM that I believe to be exploiting this vulnerability, however I'm not sure what the best way to go about securing these receive connectors would be. I am reaching out for some advice on this issue if anyone can provide.

          Thank you,

 -Casper
casper114Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rick FeeMessaging Engineer - Disaster Recovery EngineerCommented:
If you turn off  anonymous on the receive connector no one will be able to send to you from the internet.    For the SQL server connector is probably setup to allow relay from a specific IP.    

You can install the anti-spam agent on the server or get a 3rd party spam solution in place.
http://exchangepedia.com/blog/2006/09/how-to-install-anti-spam-agents-on-hub.html
0
casper114Author Commented:
 I do have the SPAM agent installed, and I have a 3rd party SPAM solution in place. However what has started happening is SPAMs are generated outside of the network and for some reason (maybe IP spoofing) it takes on the custom characteristics that only my exchange server can provide and appears to come from my domain. When researching receive connectors it seemed to be a general consensus across the board that anonymous will leave you vulnerable to these types of SPAM attacks. The way the Webmail server is setup, someone creates an account and an email is generated that comes from an internal IP address so there should be no need for anonymous. The SQL server is setup to relay from a specific IP, however again after researching this still leaves us vulnerable to SPAM attacks of this nature... Maybe i'm completely off base, but unfortunately a senior level exec has received one of the SPAM emails generating from one of our customer care teams and he expects the issue to be fixed, with the impression that if he's getting SPAM then our customers may be getting SPAM.... Any more advice would be greatly appreciated.

      Thanks,

 -Casper
0
Rick FeeMessaging Engineer - Disaster Recovery EngineerCommented:
You can remove anonymous for the SQL server if you have authenication.    If you remove anonymous from your default receive connector it will resolve your spam issue, BUT no one will be able to email you from the outside world.  

It sounds like a spam solution issue BUT all the spam solutions I have worked with nothing is 100%.   How much spam is getting though?
0
casper114Author Commented:
 We really do not have that much SPAM that comes through. We use SPAMfighter and I have been very satisfied with the product as a whole. This particular type of SPAM slips through because it disguises itself as an internal email address. The only thing I can attribute it too is these receive connectors. I attempted to setup authentication on the SQL receiver but i cannot seem to get emails to go through with it seutp...
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.