Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange 2010 SMTP allows send from any user address

Posted on 2013-11-25
3
Medium Priority
?
519 Views
Last Modified: 2013-11-25
We discovered that when users attempt to send mail as another user through outlook it is denied unless they have specific rights to do this.    Which is what we want.    However if using tools outside outlook exchange allows the send from address to be anything.     This is not very secure as I can easily send a message as another user using and SMTP mail connecter.    

How can I correct his behavior.    I do want it to allow SMTP mail as long as the send from address is permitted by that user.

Note this is local domain mail I am referring to.   Outside our network it works as expected.
0
Comment
Question by:Zoldy2000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39675075
That is the standard behaviour for SMTP traffic. SMTP doesn't really pay any attention to the sender. You cannot completely eliminate it. A decent anti-spam scanner should block most of it, and you can use things like SPF records and check your own domain. However you have to be 100% correct to block it as it is very easy to block legitimate email.

Simon.
0
 
LVL 2

Author Comment

by:Zoldy2000
ID: 39675421
I am surprised this is standard behavior.   With very little effort I could send an email impersonating my boss or even the CEO?    I can't imagine that to be true standard behavior?    Are you certain?
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 39675929
It is called spoofing and is why spam is such a problem. Most spam is spoofed and a common spammer's trick is to send email using the same From domain as the Recipient.

I could send you an email with bill.gates@microsoft.com as the sender if I wished, there is nothing in the standard products that automatically could verify that it was legitimate or not.

Simon.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question