Re: External messages "spoofed" as coming from our internal domain are accepted
From: Deji Akomolafe (deji_at_
Date: 03/04/04
- Next message: Deji Akomolafe: "Re: SMTP Unknown sessions, please help"
- Previous message: Jorge: "SMTP Unknown sessions, please help"
- In reply to: D. Kelly: "External messages "spoofed" as coming from our internal domain are accepted"
- Next in thread: Patrick Genova [MSFT]: "Re: External messages "spoofed" as coming from our internal domain are accepted"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 3 Mar 2004 22:25:54 -0800
Nothing you can do about this. It's not a misconfiguration, so nothing to
correct. You'd only be worried IF the destination mailbox does not exist
WITHIN your organization. E2K will accept ANY FROM address. Actually ANY
SMTP server should accept mail from any from address as long as the TO is
within your org.
-- Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon "D. Kelly" <support@samsonmanagement.com> wrote in message news:3b2501c40167$20f4cd30$a601280a@phx.gbl... > Full Subject: External messages "spoofed" as coming from > our internal domain are accepted and delivered to valid > internal users. > > Any suggestions to correct this issue would be appreciated: > > Users are receiving external internet e-mail > which appears to be sent from non-existent users > "successfully pretending" to be within our > internally defined system. > > eg. Lets say I have a valid MX record > for "mydomain.com" & > gus@mydomain.com receives a message from > bob@mydomain.com > Unfortunately... > Although gus@mydomain.com is a valid user which > we administer, > bob@mydomain.com doesn't exist. > Nevertheless someone can externally > spoof "bob@mydomain.com" > & my Exchange 2000 system delivers the mail > as if bob@mydomain.com is a valid account > > Extra System Details - > > Our corporate e-mail's MX record points mail > for "mydomain.com" to the > external IP of an ISA firewall. > There's publishing rule(s) on the ISA server to forward > SMTP traffic > for "mydomain.com" to our Exchange Server. > & > The Exchange Server's SMTP connector - > - accepts the ISA server's "forwarded" messages > - & ultimately handles message delivery > > Although I've examined the ISA publishing rules & > Exchange's SMTP connector settings; > I'm uncertain where the "security"/mail delivery failure > occurs. > Ideally, I would prefer to have Exchange Server properly > manage/handle the SMTP mail > rather than make ISA server do the job for Exchange. > > Thanks in advance. > > D. Kelly > POSTING TO: > microsoft.public.exchange2000.transport & > microsoft.public.exchange2000.general
- Next message: Deji Akomolafe: "Re: SMTP Unknown sessions, please help"
- Previous message: Jorge: "SMTP Unknown sessions, please help"
- In reply to: D. Kelly: "External messages "spoofed" as coming from our internal domain are accepted"
- Next in thread: Patrick Genova [MSFT]: "Re: External messages "spoofed" as coming from our internal domain are accepted"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
