tamray_tech

Help with Exchange tools and configuration

I need to assist a school in hardening their Exchange 2010 server. From what I have learned, users are getting bogus email about their mailbox and are clicking on the link provided in the message. This is somehow providing a pipe for spammers to use them as a relay through the school's internal mail server. They are being put on many blacklists because of this.

I need to help them harden up the configuration to prevent this and hopefully identify the local machine that is being used as the middle man.

I am not an expert with Exchange and could use some guidance in my effort to help them.

achaldave

You need a spam filter device, application or hosted service. These are some of the products which offer both in-house or hosted solutions.
http://www.gfi.com/products-and-solutions/email-and-messaging-solutions/gfi-mailessentials
http://www.trendmicro.com/us/small-business/hosted-email-security/index.html
http://technet.microsoft.com/en-us/forefront/ee708281.aspx
https://www.barracuda.com/
http://www.cisco.com/web/about/ac49/ac0/ac1/ac259/ironport.html

You can check with the school; they might already have Forefront Online Protection available with their license.

You need to disable any open relay on the server to prevent outbound spam.
http://alanhardisty.wordpress.com/2010/07/12/how-to-close-an-open-relay-in-exchange-2007-2010/
tamray_tech

ASKER

I will need to get more concrete information, but an initial test shows the domain is not on any of the 90 blacklists and is not accessible as an open relay when tested at mxtoolbox.com.

The problem, as described to me, is that the internal user's PC is somehow the conduit to relay through the Exchange server. I will know more tomorrow. We have firewall rules in place that only allow access to port 25 on their public IP from my mailscanner servers, and that was confirmed with the test.
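
Added example, not part of the original thread or of any participant's post: one way to look for the internal submitter described above, using the Exchange 2010 message tracking log from the Exchange Management Shell, plus a check of the receive connectors for the anonymous relay permission. The 24-hour window and the 200-recipient threshold are assumed values, and the search covers only the server the shell is run on.

```powershell
# Added example. Run in the Exchange Management Shell on the Exchange 2010
# server (PowerShell 2.0, so New-Object is used instead of [pscustomobject]).
# Assumed values, not from the thread: 24-hour window, 200-recipient threshold.
$since     = (Get-Date).AddHours(-24)
$threshold = 200

# RECEIVE events show how each message entered transport.
#   Source = SMTP        : handed in over SMTP; ClientIp is the connecting host.
#   Source = STOREDRIVER : submitted from a mailbox (Outlook, OWA, ActiveSync);
#                          ClientIp is the mailbox server, so Sender is the lead.
$events = Get-MessageTrackingLog -Start $since -EventId RECEIVE -ResultSize Unlimited

# Rank each sender / client IP / source combination by recipients addressed.
$events |
    Group-Object Sender, ClientIp, Source |
    ForEach-Object {
        $first = $_.Group[0]
        New-Object PSObject -Property @{
            Sender     = $first.Sender
            ClientIp   = $first.ClientIp
            ClientHost = $first.ClientHostname
            Source     = $first.Source
            Messages   = $_.Count
            Recipients = ($_.Group | Measure-Object RecipientCount -Sum).Sum
        }
    } |
    Where-Object { $_.Recipients -ge $threshold } |
    Sort-Object Recipients -Descending |
    Select-Object Sender, ClientIp, ClientHost, Source, Messages, Recipients |
    Format-Table -AutoSize

# Receive connectors that let anonymous sessions address any recipient
# (the open-relay permission); an empty result means none grant it.
Get-ReceiveConnector | Get-ADPermission |
    Where-Object {
        ($_.User -like '*ANONYMOUS LOGON*') -and
        ($_.ExtendedRights -like 'ms-Exch-SMTP-Accept-Any-Recipient')
    } |
    Select-Object Identity, User, ExtendedRights
```

A mailbox sender with a very high recipient count under STOREDRIVER is consistent with an account whose credentials were entered on the bogus link, while an SMTP row with an internal ClientIp gives the address of the submitting machine.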
Mohammed Khawaja

My recommendation would be to outsource the anti-spam and anti-virus to a vendor such as FuseMail.com where your MX would be pointing to their servers, they will cleanse the messages and then forward them to your Exchange. Your Exchange will be configured to relay all messages through their servers. And the beauty of it is that it would cost $2 to $3 per month and no admin work.

You need to be sure the email is coming from an internal source first. I would doubt if it is. To be an internal source it would have to be highly targeted. It is much easier for a spammer to just write a script that sends to the domain example.com and mentions example.com through the email message (depending on the To email address).
If that is the case, then a decent antispam tool should catch it. SPF records set up correctly and antispam tools inside would also catch a lot of it. No need to outsource the filtering at all.

Simon.
tamray_tech

ASKER

School hired an Exchange expert to deal with the issue.