Solved

Is it possible to prevent Exchange 2013 accepting spoofed (local domain) addresses?

Posted on 2014-10-22
4
277 Views
Last Modified: 2015-01-09
We have a single Exchange 2013 server (let's call it SERVER) and a single e-mail domain ("domain.com").  Recently there has been a spate of spam messages being sent from both valid and invalid addresses @domain.com, to valid addresses @domain.com.

First of all, is this something than can and should be blocked?  After all, spammers can still send from any other address that's not @domain.com as long as the recipient address is valid, right?

If it should be blocked, what's the proper way to do it?  I have already tried the following but it doesn't seem to make any difference:
Get-ReceiveConnector "Default Frontend SERVER" | Remove-ADPermission -user "NT AUTHORITY\Anonymous Logon" -ExtendedRights "ms-exch-smtp-accept-authoritative-domain-sender"
Restart-Service MSExchangeTransport

Open in new window

Thanks in advance!
0
Comment
Question by:David Haycox
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 40398155
That command doesn't work on Exchange 2013.
No real solution at present that I am aware of, other than using a third party tool to deal with spam (very few use the native tools) or use the anti-spam agents that are built in and do sender ID look ups to block the messages.

Simon.
0
 
LVL 2

Author Comment

by:David Haycox
ID: 40398765
Hi Simon,

Thanks - that's odd though, it's listed on Technet: http://technet.microsoft.com/en-us/library/jj673053(v=exchg.150).aspx

Yes, we're using F-Secure which does a pretty good job (for the messages in question, it marked them as spam and stripped the attachment).

In your opinion, is worth trying to block this sort of message anyway?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40407376
I would be looking to see if the F-Secure product can completely block the messages, rather than just removing the attachment. Links will still get through for example.

I have queried with Microsoft to see if the command is still valid, but I don't know if I will get a response.

Simon.
0
 
LVL 2

Author Comment

by:David Haycox
ID: 40412802
Yes, F-Secure has all those sort of options.  It's just a matter of getting the balance right, which of course can be quite different from one customer to the next.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
This article outlines some of the reasons why an email message gets flagged as spam on a recipient's end.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question