Solved

Is it possible to prevent Exchange 2013 accepting spoofed (local domain) addresses?

Posted on 2014-10-22
4
265 Views
Last Modified: 2015-01-09
We have a single Exchange 2013 server (let's call it SERVER) and a single e-mail domain ("domain.com").  Recently there has been a spate of spam messages being sent from both valid and invalid addresses @domain.com, to valid addresses @domain.com.

First of all, is this something than can and should be blocked?  After all, spammers can still send from any other address that's not @domain.com as long as the recipient address is valid, right?

If it should be blocked, what's the proper way to do it?  I have already tried the following but it doesn't seem to make any difference:
Get-ReceiveConnector "Default Frontend SERVER" | Remove-ADPermission -user "NT AUTHORITY\Anonymous Logon" -ExtendedRights "ms-exch-smtp-accept-authoritative-domain-sender"
Restart-Service MSExchangeTransport

Open in new window

Thanks in advance!
0
Comment
Question by:David Haycox
  • 2
  • 2
4 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 40398155
That command doesn't work on Exchange 2013.
No real solution at present that I am aware of, other than using a third party tool to deal with spam (very few use the native tools) or use the anti-spam agents that are built in and do sender ID look ups to block the messages.

Simon.
0
 
LVL 1

Author Comment

by:David Haycox
ID: 40398765
Hi Simon,

Thanks - that's odd though, it's listed on Technet: http://technet.microsoft.com/en-us/library/jj673053(v=exchg.150).aspx

Yes, we're using F-Secure which does a pretty good job (for the messages in question, it marked them as spam and stripped the attachment).

In your opinion, is worth trying to block this sort of message anyway?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40407376
I would be looking to see if the F-Secure product can completely block the messages, rather than just removing the attachment. Links will still get through for example.

I have queried with Microsoft to see if the command is still valid, but I don't know if I will get a response.

Simon.
0
 
LVL 1

Author Comment

by:David Haycox
ID: 40412802
Yes, F-Secure has all those sort of options.  It's just a matter of getting the balance right, which of course can be quite different from one customer to the next.
0

Featured Post

Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
This video discusses moving either the default database or any database to a new volume.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now