Solved

Is it possible to prevent Exchange 2013 accepting spoofed (local domain) addresses?

Posted on 2014-10-22
4
268 Views
Last Modified: 2015-01-09
We have a single Exchange 2013 server (let's call it SERVER) and a single e-mail domain ("domain.com").  Recently there has been a spate of spam messages being sent from both valid and invalid addresses @domain.com, to valid addresses @domain.com.

First of all, is this something than can and should be blocked?  After all, spammers can still send from any other address that's not @domain.com as long as the recipient address is valid, right?

If it should be blocked, what's the proper way to do it?  I have already tried the following but it doesn't seem to make any difference:
Get-ReceiveConnector "Default Frontend SERVER" | Remove-ADPermission -user "NT AUTHORITY\Anonymous Logon" -ExtendedRights "ms-exch-smtp-accept-authoritative-domain-sender"
Restart-Service MSExchangeTransport

Open in new window

Thanks in advance!
0
Comment
Question by:David Haycox
  • 2
  • 2
4 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 40398155
That command doesn't work on Exchange 2013.
No real solution at present that I am aware of, other than using a third party tool to deal with spam (very few use the native tools) or use the anti-spam agents that are built in and do sender ID look ups to block the messages.

Simon.
0
 
LVL 1

Author Comment

by:David Haycox
ID: 40398765
Hi Simon,

Thanks - that's odd though, it's listed on Technet: http://technet.microsoft.com/en-us/library/jj673053(v=exchg.150).aspx

Yes, we're using F-Secure which does a pretty good job (for the messages in question, it marked them as spam and stripped the attachment).

In your opinion, is worth trying to block this sort of message anyway?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40407376
I would be looking to see if the F-Secure product can completely block the messages, rather than just removing the attachment. Links will still get through for example.

I have queried with Microsoft to see if the command is still valid, but I don't know if I will get a response.

Simon.
0
 
LVL 1

Author Comment

by:David Haycox
ID: 40412802
Yes, F-Secure has all those sort of options.  It's just a matter of getting the balance right, which of course can be quite different from one customer to the next.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Pop culture is prime bait for hackers seeking to infect user’s computers and mobile devices with malicious malware. Hackers know exactly what the latest trends are online and know how to use them to their advantage.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question