Solved

Prevent own domain email spoofing in Exchange 2010

Posted on 2016-07-19
2
147 Views
Last Modified: 2016-08-31
Hi All,

After some brief research, I found out that removing "ms-exch-smtp-accept-authoritative-domain-sender" permission in Exchange server able to prevent anonymous users sending mail using your domain.
If we have multiple internal applications that need to send notification emails, will this type of emails get blocked also if remove the aforementioned permission?
Example: our domain - abc.com
                 oracle apps can send emails using oracle@abc.com currently

Thanks.
0
Comment
Question by:panda5888
2 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 41718996
If you have internal applications then the way to get round it is to have a separate Receive Connector for the internal applications which do not have that permission change. The permission change you have identified is a per receive connector change, so using a separate connector (with the connection restrictions applied so it is only used internally) avoids the problem.
0
 

Author Closing Comment

by:panda5888
ID: 41779310
Done by adding own domain in blocked sender list
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question