Re: External messages "spoofed" as coming from our internal domain are accepted

From: Patrick Genova [MSFT] (pgenova_at_online.microsoft.com)
Date: 03/04/04


Date: Thu, 4 Mar 2004 07:22:04 -0500

Hi,

There is really no way around this. When receiving mail, we only look at the
domain of the recipient and not at the sending domain. If we accept mail for
this domain, we accept that mail, and once we do, Exchange will do the
lookup on the recipient and deliver the mail to that mailbox. You may want
to take a look at the following article about reverse DNS lookup. But even
this will only append to the message header the domain that the mail is
coming from.

297412 The "Perform Reverse DNS Lookup for Incoming Messages" Option Is for
http://support.microsoft.com/?id=297412

Hope this helps,

-- 
Patrick Genova
Pgenova@online.microsoft.com
Please do not send mail directly to this alias. This alias is for Newsgroup
purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights.

"D. Kelly" <support@samsonmanagement.com> wrote in message
news:3b2501c40167$20f4cd30$a601280a@phx.gbl...
> Full Subject: External messages "spoofed" as coming from
> our internal domain are accepted and delivered to valid
> internal users.
>
> Any suggestions to correct this issue would be appreciated:
>
> Users are receiving external internet e-mail which appears to be sent
> from non-existent users "successfully pretending" to be within our
> internally defined system.
>
>     e.g. Let's say I have a valid MX record for "mydomain.com" &
>          gus@mydomain.com receives a message from bob@mydomain.com
>          Unfortunately...
>          Although gus@mydomain.com is a valid user which we administer,
>          bob@mydomain.com doesn't exist.
>          Nevertheless someone can externally spoof "bob@mydomain.com"
>          & my Exchange 2000 system delivers the mail
>          as if bob@mydomain.com is a valid account
>
> Extra System Details -
>
>  Our corporate e-mail's MX record points mail for "mydomain.com" to the
>  external IP of an ISA firewall.
>  There's publishing rule(s) on the ISA server to forward SMTP traffic
>  for "mydomain.com" to our Exchange Server.
>                      &
>  The Exchange Server's SMTP connector -
>  - accepts the ISA server's "forwarded" messages
>  - & ultimately handles message delivery
>
> Although I've examined the ISA publishing rules &
> Exchange's SMTP connector settings;
> I'm uncertain where the "security"/mail delivery failure occurs.
> Ideally, I would prefer to have Exchange Server properly manage/handle
> the SMTP mail rather than make ISA server do the job for Exchange.
>
> Thanks in advance.
>
> D. Kelly
> POSTING TO:
>  microsoft.public.exchange2000.transport &
>  microsoft.public.exchange2000.general
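
The reply above describes acceptance that depends only on the recipient domain. As an added illustration (not part of the original thread and not Exchange or ISA code), this Python example models that decision next to a check that also compares the claimed sender domain with where the connection came from; `ACCEPTED_DOMAINS`, `INTERNAL_NETS`, the function names and the sample message are assumptions constructed for the example.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr

# Assumed, constructed values: the thread's placeholder domain and a private
# range standing in for the internal network.
ACCEPTED_DOMAINS = {"mydomain.com"}
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

def domain_of(address):
    """Lower-cased domain of an address; '' for '<>' or a bare local part."""
    _, at, domain = parseaddr(address)[1].rpartition("@")
    return domain.lower() if at else ""

def recipient_only_accept(rcpt_to):
    """Acceptance as the reply describes it: only the recipient domain counts."""
    return domain_of(rcpt_to) in ACCEPTED_DOMAINS

def is_internal(client_ip):
    ip = ipaddress.ip_address(client_ip)
    return any(ip in net for net in INTERNAL_NETS)

def classify(client_ip, mail_from, rcpt_to, raw_message):
    """Return 'reject', 'accept' or 'flag-internal-sender-from-outside'.

    Assumes client_ip is the original sending host; behind a publishing
    firewall the mail server may only see the firewall's address.
    """
    if not recipient_only_accept(rcpt_to):
        return "reject"
    header_from = message_from_string(raw_message).get("From", "")
    claimed = {domain_of(mail_from), domain_of(header_from)}
    if claimed & ACCEPTED_DOMAINS and not is_internal(client_ip):
        return "flag-internal-sender-from-outside"
    return "accept"

# Constructed sample message matching the scenario in the question.
SAMPLE = (
    "From: bob@mydomain.com\n"
    "To: gus@mydomain.com\n"
    "Subject: test\n"
    "\n"
    "body\n"
)

if __name__ == "__main__":
    # 203.0.113.7 is a documentation address used as the external sender.
    print(classify("203.0.113.7", "bob@mydomain.com", "gus@mydomain.com", SAMPLE))
```

The result is a flag rather than a rejection because outside services that legitimately send with the organisation's domain would match the same condition and need an allow-list.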

