?
Solved

Exchange 2007 Receive Connectors

Posted on 2009-07-02
4
Medium Priority
?
381 Views
Last Modified: 2012-05-07
Good morning,

      I have inherited an exchange 2007 server with two receive connectors setup, both using anonymous user permission groups. One connector is for SQL mail, and the other is for a custom website on my webserver. I have recently noticed SPAM that I believe to be exploiting this vulnerability, however I'm not sure what the best way to go about securing these receive connectors would be. I am reaching out for some advice on this issue if anyone can provide.

          Thank you,

 -Casper
0
Comment
Question by:casper114
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 20

Expert Comment

by:EndureKona
ID: 24763353
If you turn off  anonymous on the receive connector no one will be able to send to you from the internet.    For the SQL server connector is probably setup to allow relay from a specific IP.    

You can install the anti-spam agent on the server or get a 3rd party spam solution in place.
http://exchangepedia.com/blog/2006/09/how-to-install-anti-spam-agents-on-hub.html
0
 

Author Comment

by:casper114
ID: 24763436
 I do have the SPAM agent installed, and I have a 3rd party SPAM solution in place. However what has started happening is SPAMs are generated outside of the network and for some reason (maybe IP spoofing) it takes on the custom characteristics that only my exchange server can provide and appears to come from my domain. When researching receive connectors it seemed to be a general consensus across the board that anonymous will leave you vulnerable to these types of SPAM attacks. The way the Webmail server is setup, someone creates an account and an email is generated that comes from an internal IP address so there should be no need for anonymous. The SQL server is setup to relay from a specific IP, however again after researching this still leaves us vulnerable to SPAM attacks of this nature... Maybe i'm completely off base, but unfortunately a senior level exec has received one of the SPAM emails generating from one of our customer care teams and he expects the issue to be fixed, with the impression that if he's getting SPAM then our customers may be getting SPAM.... Any more advice would be greatly appreciated.

      Thanks,

 -Casper
0
 
LVL 20

Expert Comment

by:EndureKona
ID: 24763493
You can remove anonymous for the SQL server if you have authenication.    If you remove anonymous from your default receive connector it will resolve your spam issue, BUT no one will be able to email you from the outside world.  

It sounds like a spam solution issue BUT all the spam solutions I have worked with nothing is 100%.   How much spam is getting though?
0
 

Accepted Solution

by:
casper114 earned 0 total points
ID: 24763531
 We really do not have that much SPAM that comes through. We use SPAMfighter and I have been very satisfied with the product as a whole. This particular type of SPAM slips through because it disguises itself as an internal email address. The only thing I can attribute it too is these receive connectors. I attempted to setup authentication on the SQL receiver but i cannot seem to get emails to go through with it seutp...
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question