Re: Distribution Groups Available to Internet Spammers

On Sun, 22 Oct 2006 07:41:02 -0700, stosti
<stosti@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

If i give them a bogus SMTP address will my internal users still be able to
use them?

Yes.

I figured out what is happening... I do have the authentication check box
checked. My new Symantec SMTP 5.0 software has LDAP authentication enabled.
We use this to stop spammers from delivering mail to our mail server for
users that do not exist. This is a catch 22!

But the LDAP stuff should only be checking AD for a valid address, not
sending the external message to that group as an authenticated user.
BTW, I dont think version 5.0 Symantec stuff works entirely well for
address validation since it doesnt seem to send a 550 response for
invalid addresses so an external sender knows they fat-fingered an
address but rather simply drops the email.

How about the only from or everyone except options? Can I put out
"everyone" group in there? Everyone here in the company with an email
address is in this group.

Sure, you could create a DG of all your internal users and set
delivery restrictions for only them.


Thanks,
Scott

"Andy David - MVP" wrote:

On Sat, 21 Oct 2006 03:29:02 -0700, stosti
<stosti@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

Morning,

How do you make internal distribution groups reject email from spammers on
the internet? In the past i have checked off from authenticated users only
on the Exchange General Tab. This no longer seems to work. I can hit all of
my groups from a yahoo or hotmail account now. This is no good! Spammers
have found them.

Thanks,
Scott


The authenticated checkbox should work as those emails are from the
internet.
An alternative is to give those DGs and bogus SMTP address that you
are not authorative for.


.

Relevant Pages

  • Re: Recommended strategy for providing access to web apps via Inte
    ... LDAP is an ugly solution on the public internet, ... These federated authentication protocols are designed to address these ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ...
    (microsoft.public.windows.server.active_directory)
  • ISA Server Authentication issues in a mixed Windows/Macintosh environment
    ... I have a client - a local public school system - with a mixed ... and sometime switch over to a pure Windows environment by the time ... agree to allow them to have internet access. ... Basic authentication is the order of business, ...
    (NT-Bugtraq)
  • Re: Authentication problem
    ... am just dealing with my own experience with multi-purposed .NET security ... forms authentication - is any more secure than a single instance ... config method based on which site you are deploying than you are setting ... such as the internet) or windows authentication (if ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Query AD from DMZ via LDAP?
    ... I plan on having ADAM installed in a domain controler where there is a ... proxy objects depends on the type of authentication your app can perform. ... If it is limited to LDAP simple bind, then bind proxies would be needed (and ... authentication to apps on the public internet, ...
    (microsoft.public.windows.server.active_directory)
  • Re: FTP for internal users and external customers.
    ... Secure network architecture and authentication, ... the security boundary in AD is the forest ... Yet there's one thing that's not justified: putting the external user in DMZ ... any connections coming from the internet has to ...
    (microsoft.public.security)