Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Exchange 2007 Receive Connectors

Posted on 2009-07-02
4
378 Views
Last Modified: 2012-05-07
Good morning,

      I have inherited an exchange 2007 server with two receive connectors setup, both using anonymous user permission groups. One connector is for SQL mail, and the other is for a custom website on my webserver. I have recently noticed SPAM that I believe to be exploiting this vulnerability, however I'm not sure what the best way to go about securing these receive connectors would be. I am reaching out for some advice on this issue if anyone can provide.

          Thank you,

 -Casper
0
Comment
Question by:casper114
  • 2
  • 2
4 Comments
 
LVL 20

Expert Comment

by:EndureKona
ID: 24763353
If you turn off  anonymous on the receive connector no one will be able to send to you from the internet.    For the SQL server connector is probably setup to allow relay from a specific IP.    

You can install the anti-spam agent on the server or get a 3rd party spam solution in place.
http://exchangepedia.com/blog/2006/09/how-to-install-anti-spam-agents-on-hub.html
0
 

Author Comment

by:casper114
ID: 24763436
 I do have the SPAM agent installed, and I have a 3rd party SPAM solution in place. However what has started happening is SPAMs are generated outside of the network and for some reason (maybe IP spoofing) it takes on the custom characteristics that only my exchange server can provide and appears to come from my domain. When researching receive connectors it seemed to be a general consensus across the board that anonymous will leave you vulnerable to these types of SPAM attacks. The way the Webmail server is setup, someone creates an account and an email is generated that comes from an internal IP address so there should be no need for anonymous. The SQL server is setup to relay from a specific IP, however again after researching this still leaves us vulnerable to SPAM attacks of this nature... Maybe i'm completely off base, but unfortunately a senior level exec has received one of the SPAM emails generating from one of our customer care teams and he expects the issue to be fixed, with the impression that if he's getting SPAM then our customers may be getting SPAM.... Any more advice would be greatly appreciated.

      Thanks,

 -Casper
0
 
LVL 20

Expert Comment

by:EndureKona
ID: 24763493
You can remove anonymous for the SQL server if you have authenication.    If you remove anonymous from your default receive connector it will resolve your spam issue, BUT no one will be able to email you from the outside world.  

It sounds like a spam solution issue BUT all the spam solutions I have worked with nothing is 100%.   How much spam is getting though?
0
 

Accepted Solution

by:
casper114 earned 0 total points
ID: 24763531
 We really do not have that much SPAM that comes through. We use SPAMfighter and I have been very satisfied with the product as a whole. This particular type of SPAM slips through because it disguises itself as an internal email address. The only thing I can attribute it too is these receive connectors. I attempted to setup authentication on the SQL receiver but i cannot seem to get emails to go through with it seutp...
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question