Exchange 2007 Receive Connectors

Good morning,

I have inherited an Exchange 2007 server with two receive connectors set up, both using anonymous user permission groups. One connector is for SQL mail, and the other is for a custom website on my webserver. I have recently noticed SPAM that I believe to be exploiting this vulnerability; however, I'm not sure what the best way to go about securing these receive connectors would be. I am reaching out for some advice on this issue if anyone can provide it.

Thank you,

casper114 (Author) Commented:
We really do not have that much SPAM that comes through. We use SPAMfighter and I have been very satisfied with the product as a whole. This particular type of SPAM slips through because it disguises itself as an internal email address. The only thing I can attribute it to is these receive connectors. I attempted to set up authentication on the SQL receiver but I cannot seem to get emails to go through with it set up...
Rick Fee (Messaging Engineer - Disaster Recovery Engineer) Commented:
If you turn off anonymous on the receive connector, no one will be able to send to you from the internet. The SQL server connector is probably set up to allow relay from a specific IP.

You can install the anti-spam agent on the server or get a 3rd party spam solution in place.
casper114 (Author) Commented:
I do have the SPAM agent installed, and I have a 3rd party SPAM solution in place. However, what has started happening is SPAMs are generated outside of the network and for some reason (maybe IP spoofing) it takes on the custom characteristics that only my Exchange server can provide and appears to come from my domain. When researching receive connectors, it seemed to be a general consensus across the board that anonymous will leave you vulnerable to these types of SPAM attacks. The way the Webmail server is set up, someone creates an account and an email is generated that comes from an internal IP address, so there should be no need for anonymous. The SQL server is set up to relay from a specific IP; however, again, after researching, this still leaves us vulnerable to SPAM attacks of this nature... Maybe I'm completely off base, but unfortunately a senior level exec has received one of the SPAM emails generating from one of our customer care teams and he expects the issue to be fixed, with the impression that if he's getting SPAM then our customers may be getting SPAM.... Any more advice would be greatly appreciated.


Rick Fee (Messaging Engineer - Disaster Recovery Engineer) Commented:
You can remove anonymous for the SQL server if you have authentication. If you remove anonymous from your default receive connector it will resolve your spam issue, BUT no one will be able to email you from the outside world.

It sounds like a spam solution issue, BUT with all the spam solutions I have worked with, nothing is 100%. How much spam is getting through?
Question has a verified solution.
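
As an added example (not posted by anyone in this thread), the following Exchange Management Shell function reports which receive connectors accept anonymous sessions and whether they are scoped to specific source IPs, which is the distinction drawn above between the default connector and the SQL and website relay connectors. The connector names and IP addresses in the sample data are constructed; the property names are those returned by `Get-ReceiveConnector`.

```powershell
# Added example: classify receive connectors by anonymous access and source-IP scope.
function Get-ConnectorExposure {
    param($Connectors)
    foreach ($c in $Connectors) {
        $ranges    = @($c.RemoteIPRanges | ForEach-Object { $_.ToString() })
        $anonymous = ([string]$c.PermissionGroups) -match 'AnonymousUsers'
        # 0.0.0.0-255.255.255.255 means any host may open a session to the connector.
        $anyHost   = $ranges -contains '0.0.0.0-255.255.255.255'
        if     ($anonymous -and $anyHost) { $finding = 'Anonymous from any source IP' }
        elseif ($anonymous)               { $finding = 'Anonymous, limited to listed IPs' }
        else                              { $finding = 'Authenticated senders only' }
        $row = New-Object PSObject
        $row | Add-Member -MemberType NoteProperty -Name Name    -Value $c.Name
        $row | Add-Member -MemberType NoteProperty -Name Ranges  -Value ($ranges -join ', ')
        $row | Add-Member -MemberType NoteProperty -Name Finding -Value $finding
        $row
    }
}

# Constructed stand-ins for Get-ReceiveConnector output so the function runs offline.
function New-SampleConnector($Name, $Groups, $Ranges) {
    $o = New-Object PSObject
    $o | Add-Member -MemberType NoteProperty -Name Name             -Value $Name
    $o | Add-Member -MemberType NoteProperty -Name PermissionGroups -Value $Groups
    $o | Add-Member -MemberType NoteProperty -Name RemoteIPRanges   -Value $Ranges
    $o
}

$sample = @(
    (New-SampleConnector 'Default MAIL01' 'AnonymousUsers, ExchangeUsers' @('0.0.0.0-255.255.255.255')),
    (New-SampleConnector 'SQL Mail Relay' 'AnonymousUsers'                @('10.0.0.25')),
    (New-SampleConnector 'Website Relay'  'ExchangeUsers'                 @('10.0.0.30'))
)
Get-ConnectorExposure $sample | Format-Table -AutoSize

# On the Exchange server itself, feed it the real connectors:
#   Get-ConnectorExposure (Get-ReceiveConnector)
# and list what the anonymous logon is actually allowed to do on each one.
# ms-Exch-SMTP-Accept-Any-Recipient permits relay; 
# ms-Exch-SMTP-Accept-Authoritative-Domain-Sender permits senders that claim
# an address in one of your own authoritative domains.
#   Get-ReceiveConnector |
#     Get-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' |
#     Where-Object { $_.ExtendedRights } |
#     Format-Table Identity, ExtendedRights -AutoSize
```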
