• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 181
  • Last Modified:

Review of receive connector's settings

Our receive connector on Exchange 2010 is accepting dodgy emails which pretend to be sent from our own server which means if the dodgy email slips though - it will be seen as an internal one.

Example :
My domain : mygroup.co.uk

Sender's email address in dodgy email : no-reply@mygroup.co.uk

What should I untick on receive connector to stop this from happening ?
Juts now I have ticked :  Anon users, Exchange servers, legacy Exchange servers.
0
charlie_301
Asked:
charlie_301
  • 3
  • 3
2 Solutions
 
Alan HardistyCo-OwnerCommented:
Can you describe a little bit more about the problem and what makes you think your server is accepting dodgy emails?

Your Public Receive Connector should only have Anonymous Auth enabled.

It could be just as simple as enabling Recipient Filtering and the problem will go away.

Alan
0
 
Pete LongTechnical ConsultantCommented:
enable

Block messages sent to recipients that do not exist in the directory

You need the antispam agents installing

Exchange 2010 - Install Anti-Spam Agents

PL
0
 
charlie_301Author Commented:
I have unticked Exchange servers, legacy Exchange servers from anonymous receive connector so hopefully this should work from now.

I have enabled Exchanges' anti spam features - I had already enabled recipient filtering .
I also have Sophos Pure Message on the same server with Recipient Filtering enabled.

Alan : loads of users received spam email from an address no-reply@mydomain.co.uk
So based on previous settings, server accepted email message from outside with an address same as my own domain.
Recipients addresses were correct.
Senders address doesn't exist on our end not to mention that it shouldn't have been accepted as its not generated by our server.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Alan HardistyCo-OwnerCommented:
Have you enabled an SPF record for your Domain and are you performing SPF checking on inbound emails?

If you haven't done both - please do, or install something like Vamsoft ORF Fusion (trial) to see how well that handles your Spam for you (we use it and all our customers have it on their servers and they love the lack of spam).

Alan
0
 
charlie_301Author Commented:
Hi Alan,

Yes, I've prepared SPF record already.
I have also started testing Vamsoft software few days ago - I'll try it again.

I've heard very good comments about it.

Just now, we are getting loads of spam every day, some of it slips though PureMessage's filters. Luckily Sophos license is due for renewal and I will try with Vamsoft - if it works I will bin Sophos PureMessage.
0
 
Alan HardistyCo-OwnerCommented:
Shout if you need help configuring it - I've done it a few times ;)

Alan
0
 
charlie_301Author Commented:
Brilliant, thanks.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now