Solved

Review of receive connector's settings

Posted on 2014-09-19
7
158 Views
Last Modified: 2014-09-19
Our receive connector on Exchange 2010 is accepting dodgy emails which pretend to be sent from our own server which means if the dodgy email slips though - it will be seen as an internal one.

Example :
My domain : mygroup.co.uk

Sender's email address in dodgy email : no-reply@mygroup.co.uk

What should I untick on receive connector to stop this from happening ?
Juts now I have ticked :  Anon users, Exchange servers, legacy Exchange servers.
0
Comment
Question by:charlie_301
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 250 total points
ID: 40332470
Can you describe a little bit more about the problem and what makes you think your server is accepting dodgy emails?

Your Public Receive Connector should only have Anonymous Auth enabled.

It could be just as simple as enabling Recipient Filtering and the problem will go away.

Alan
0
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 250 total points
ID: 40332472
enable

Block messages sent to recipients that do not exist in the directory

You need the antispam agents installing

Exchange 2010 - Install Anti-Spam Agents

PL
0
 

Author Comment

by:charlie_301
ID: 40332507
I have unticked Exchange servers, legacy Exchange servers from anonymous receive connector so hopefully this should work from now.

I have enabled Exchanges' anti spam features - I had already enabled recipient filtering .
I also have Sophos Pure Message on the same server with Recipient Filtering enabled.

Alan : loads of users received spam email from an address no-reply@mydomain.co.uk
So based on previous settings, server accepted email message from outside with an address same as my own domain.
Recipients addresses were correct.
Senders address doesn't exist on our end not to mention that it shouldn't have been accepted as its not generated by our server.
0
Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40332521
Have you enabled an SPF record for your Domain and are you performing SPF checking on inbound emails?

If you haven't done both - please do, or install something like Vamsoft ORF Fusion (trial) to see how well that handles your Spam for you (we use it and all our customers have it on their servers and they love the lack of spam).

Alan
0
 

Author Comment

by:charlie_301
ID: 40332537
Hi Alan,

Yes, I've prepared SPF record already.
I have also started testing Vamsoft software few days ago - I'll try it again.

I've heard very good comments about it.

Just now, we are getting loads of spam every day, some of it slips though PureMessage's filters. Luckily Sophos license is due for renewal and I will try with Vamsoft - if it works I will bin Sophos PureMessage.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40332544
Shout if you need help configuring it - I've done it a few times ;)

Alan
0
 

Author Comment

by:charlie_301
ID: 40332574
Brilliant, thanks.
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question