Solved

Filter recipients who are not in the Directory

Posted on 2011-09-20
2
282 Views
Last Modified: 2012-05-12
Hello,

I have this setting enabled "Filter recipients who are not in the Directory" in our Exchange Server 2003. However, our consulting company has advised to remove this setting to prevent hackers from farming for valid e-mail addresses. Any thoughts on this? Do you guys leave this setting on or off and why? Thanks!
0
Comment
Question by:vrosas_03
2 Comments
 
LVL 1

Accepted Solution

by:
TPAMisfit earned 500 total points
ID: 36570672
I think Microsoft recommends not enabling this feature because once you do, a Directory Harvest Attack can be used to gain knowledge of the valid e-mail addresses in your organization. Personally, we have it enabled and use the Tar pit KB to help difuse any attacks.

See MS article:

After you enable recipient filtering, a certain technique may be used against your Exchange server to gather information about the valid e-mail addresses in your organization. This technique is known as a Directory Harvest Attack.

For more information about how to help prevent this kind of attack, click the following article number to view the article in the Microsoft Knowledge Base:
 842851  SMTP tar pit feature for Windows Server 2003
0
 

Author Closing Comment

by:vrosas_03
ID: 36594049
Thanks. I guess I'll have to remove on my end for security.

0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise Password Manager Suites as well as Local Password managers are covered in this article.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html) provided 218 attendees with a step-by-step guide for identifying Acti…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question