
Exchange 2007 Receive Connectors

Last Modified: 2012-05-07
Good morning,

I have inherited an Exchange 2007 server with two receive connectors set up, both using anonymous user permission groups. One connector is for SQL mail, and the other is for a custom website on my webserver. I have recently noticed SPAM that I believe to be exploiting this vulnerability; however, I'm not sure what the best way to go about securing these receive connectors would be. I am reaching out for some advice on this issue if anyone can provide it.

          Thank you,

 -Casper

Rick Fee, Messaging Engineer - Disaster Recovery Engineer
CERTIFIED EXPERT

Commented:
If you turn off anonymous on the receive connector, no one will be able to send to you from the internet. The SQL server connector is probably set up to allow relay from a specific IP.

You can install the anti-spam agent on the server or get a 3rd party spam solution in place.
http://exchangepedia.com/blog/2006/09/how-to-install-anti-spam-agents-on-hub.html

Author

Commented:
I do have the SPAM agent installed, and I have a 3rd party SPAM solution in place. However, what has started happening is SPAMs are generated outside of the network and for some reason (maybe IP spoofing) it takes on the custom characteristics that only my Exchange server can provide and appears to come from my domain. When researching receive connectors, it seemed to be a general consensus across the board that anonymous will leave you vulnerable to these types of SPAM attacks. The way the Webmail server is set up, someone creates an account and an email is generated that comes from an internal IP address, so there should be no need for anonymous. The SQL server is set up to relay from a specific IP; however, again, after researching, this still leaves us vulnerable to SPAM attacks of this nature... Maybe I'm completely off base, but unfortunately a senior level exec has received one of the SPAM emails generating from one of our customer care teams and he expects the issue to be fixed, with the impression that if he's getting SPAM then our customers may be getting SPAM.... Any more advice would be greatly appreciated.

      Thanks,

 -Casper
Rick Fee, Messaging Engineer - Disaster Recovery Engineer
CERTIFIED EXPERT

Commented:
You can remove anonymous for the SQL server if you have authentication. If you remove anonymous from your default receive connector it will resolve your spam issue, BUT no one will be able to email you from the outside world.

It sounds like a spam solution issue, BUT with all the spam solutions I have worked with, nothing is 100%. How much spam is getting through?
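
As a read-only check of the connector setup discussed in this thread (an added example, not part of any poster's reply), the following Exchange Management Shell snippet lists each receive connector, whether anonymous is enabled, which remote IP ranges it accepts, and whether anonymous sessions hold the extended rights that allow relay or use of your own domain as sender. The output property names are chosen for this example.

```powershell
# Read-only audit; run in the Exchange Management Shell on the Exchange 2007 server.
$anon  = 'NT AUTHORITY\ANONYMOUS LOGON'
# Extended rights relevant to the symptoms described in the thread:
$risky = @(
    'ms-Exch-SMTP-Accept-Any-Recipient',               # relay to external recipients
    'ms-Exch-SMTP-Accept-Authoritative-Domain-Sender'  # sender address in your own domains
)

Get-ReceiveConnector | ForEach-Object {
    $rc = $_
    # PermissionGroups is a flags value; its string form lists the enabled groups
    $anonEnabled = $rc.PermissionGroups.ToString() -match 'AnonymousUsers'
    $ranges      = @($rc.RemoteIPRanges | ForEach-Object { $_.ToString() })
    $openToAll   = $ranges -contains '0.0.0.0-255.255.255.255'

    # Allow entries actually granted to anonymous sessions on this connector
    $granted = @(Get-ADPermission -Identity $rc.Identity -User $anon |
        Where-Object { -not $_.Deny } |
        ForEach-Object { $_.ExtendedRights } |
        Where-Object { $_ } |
        ForEach-Object { $_.ToString() } |
        Where-Object { $risky -contains $_ } |
        Sort-Object -Unique)

    $rc | Select-Object Name,
        @{ Name = 'Anonymous';       Expression = { $anonEnabled } },
        @{ Name = 'RemoteIPRanges';  Expression = { $ranges -join ', ' } },
        @{ Name = 'OpenToAnyIP';     Expression = { $openToAll } },
        @{ Name = 'AnonymousRights'; Expression = { $granted -join ', ' } }
} | Format-List
```

A relay connector (such as the SQL or website one) that shows `Anonymous` together with `ms-Exch-SMTP-Accept-Any-Recipient` should have `RemoteIPRanges` limited to the specific hosts that need it, while the internet-facing connector needs anonymous enabled to receive outside mail but should not list that relay right.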