Block incoming connections from bogus SMTP server
- From: "Mike Kelly" <mkelly@xxxxxxxxxxxxxx>
- Date: Thu, 4 Aug 2005 10:46:11 -0400
Greetings
I came across an intresting method of spam blocking. It blocks the type of
spam that is a message that has been spoofed to resemble your own domain to
other addresses in your domain.
IE:
Company domain: hothead.ca
Company SMTP Server: mail.hothead.ca
Company SMTP Server: 172.16.1.12
Remote SMPT connects using:
Remote domain: hothead.ca
Remote SMTP server: mail.hothead.ca
Remote SMPT server: 10.25.36.47
In a single SMTP server setup you know exactly what server is supposed to
be sending mail on your behaf, so for this example the remote server is
definately not you. SPF can catch this if you have it enabled and
configered, but if you dont have an authentication process in place then
what to do?
The suggestion I encountered was to block incoming connections with your
domain name as the sending domain. Mail.hothead.ca receives a HELO from
mail.hothead.ca and the connection is dropped. Sounds like a heck on a plan.
What I want to know is how to get Exchange 2003 SP1 to do this?
Is it a DNS resolution thing or can a specific deny rule be setup without
impacting "normal" SMTP inbound connections?
If you have a working suggestion, please be specific on the location of the
process as I am still learning Exchange and dont always know where stuff is
yet.
Thank you for you time.
.
- Follow-Ups:
- Re: Block incoming connections from bogus SMTP server
- From: Rich Matheisen [MVP]
- Re: Block incoming connections from bogus SMTP server
- Prev by Date: New Mailbox Store or New Storage Group?
- Next by Date: Re: Query all SMTP Address
- Previous by thread: New Mailbox Store or New Storage Group?
- Next by thread: Re: Block incoming connections from bogus SMTP server
- Index(es):
Relevant Pages
|
