Re: Security in Exchange 2003
From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 06/16/04
- Next message: Tim Kowal: "Re: Public Calendar labels"
- Previous message: Lanwench [MVP - Exchange]: "Re: Outsiders in the GAL"
- In reply to: Mitch McDermid: "Security in Exchange 2003"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 16 Jun 2004 13:07:43 -0400
That doesn't make much sense from a security standpoint. Nobody will know
for sure that the login name matches the email alias....
The right answer is, use a good firewall to protect your network, allowing
in only those ports needed (such as 25 for mail). Enforce complex passwords
via group policy....also force regular password changes, account lockout
settings. Rename built-in accounts such as administrator. Leave guest
disabled. Keep your servers patched with critical updates & hotfixes. Etc
etc etc.
Mitch McDermid wrote:
> I am not sure how it is done, but here is my concern and
> question:
>
> In Exchange that is in an AD domain, the login username
> and the exchange e-mail are the same. i.e., bsmith is the
> AD logon name, and the e-mail is : bsmith@yourdomain.com.
> Already, someone can detect the username and all they have
> to do is try to figure out the password - which for a
> hacker, is probably quite easy at this point.
>
> My question to this is simple: Is there a way to change
> the "bsmith" part of the e-mail address so that it can
> take the persons full name, i.e. bill smith , and submit
> this in the first portion of the e-mail in the form of:
> bill.smith@yourdomain.com , thus eliminating
> the "username" for the Active Directory?
>
> Kind of lost on this one, any help would be appreciated.
>
> Thanks
>
> Mitch
- Next message: Tim Kowal: "Re: Public Calendar labels"
- Previous message: Lanwench [MVP - Exchange]: "Re: Outsiders in the GAL"
- In reply to: Mitch McDermid: "Security in Exchange 2003"
- Messages sorted by: [ date ] [ thread ]
