?
Solved

how to prevent telnet spoofing of internet email addresses with Exchange 2010

Posted on 2014-02-19
4
Medium Priority
?
3,107 Views
1 Endorsement
Last Modified: 2014-02-19
is there a way to prevent someone from telnet to my exchange server on port 25 and sending an email from user1-that-exist@mydomain.com to user2-that-exist@mydomain.com?

everything I've read so far doesn't really stop this. any suggestions?

Thanks
1
Comment
Question by:stevebishop
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 37

Accepted Solution

by:
Jamie McKillop earned 2000 total points
ID: 39870623
Hello,

You can follow the instructions in this article to prevent domain spoofing of your internal domains:

http://exchangepedia.com/2008/09/how-to-prevent-annoying-spam-from-your-own-domain.html

-JJ
1
 

Author Comment

by:stevebishop
ID: 39870945
JJ,

Thanks for the response, what would be the opposite of that command in case I needed to revert the change?

Get-ReceiveConnector “My Internet ReceiveConnector” | Get-ADPermission -user “NT AUTHORITY\Anonymous Logon” | where {$_.ExtendedRights -like “ms-exch-smtp-accept-authoritative-domain-sender”} | Remove-ADPermission


Would it be

Get-ReceiveConnector “My Internet ReceiveConnector” | Get-ADPermission -user “NT AUTHORITY\Anonymous Logon” | where {$_.ExtendedRights -like “ms-exch-smtp-accept-authoritative-domain-sender”} | Add-ADPermission

?

Thanks
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39870952
You would run this command to revert back:

Get-ReceiveConnector “Name of your RCV connector” | Add-ADPermission -User “NT AUTHORITY\Anonymous Logon” -ExtendedRights “ms-Exch-SMTP-Accept-Authoritative-Domain-Sender”

-JJ
1
 

Author Comment

by:stevebishop
ID: 39871444
Thanks JJ,

Implemented the change, tested it and i'm not allow to do it anymore. Looks like its working!

Sbishop
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
how to add IIS SMTP to handle application/Scanner relays into office 365.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question