Re: SBS 2003: Protect Exchange against SPAM (how to?)
- From: "Cliff Galiher" <cgaliher@xxxxxxxxx>
- Date: Tue, 21 Apr 2009 07:56:51 -0600
SPF and SenderID are similar, but not the same. In fact, the openspf.org site has this covered in their FAQ.
Honestly, I've used the openSPF.org tools *and* the MS wizard. The MS wizard is very straightforward and technet documents it quite clearly. openSPF.org has *many* resources, including FAQs, best practices, implementation details, *AND* a test suite. If you find that these are not providing enough guidance for you then you really should not be implementing this yourself. No amount of "advice" here will help you; you need someone *with* experience to do this so you can watch and learn from them. DNS records are not to be trifled with casually.
Even with SPF set up though, that will *probably* fix other people getting spam that "appears" to come from you, but depending on your setup, it may not resolve your inbound spam problems. The idea that home users are using their own SMTP servers, and other configuration considerations, *severely* complicates things. You really should consider implementing OWA or RPC over HTTPS to prevent these types of issues and then, at that point, you can do some simple things to lock down Exchange significantly.
But again, this requires some expertise in the field and you really should have a specialist come in, do a complete evaluation of your entire environment, and then make appropriate recommendations.
-Cliff
<ivan.radisson@xxxxxxxxx> wrote in message news:0473cd69-d930-4bfe-a46d-b21de55da1eb@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello everyone,
I've been having a lot of spam that seems to come from my own users.
I mean the "From" field says the email come from the user itself.
These kind of spam always gets in and i'm talking about 50 emails per
day, on every affected user (not all of them are).
I dont know how the spambots got these users anyway (they're not
listed anywhere afaik).
I've read about the SPF record and i wish to implement this on my DNS
management tool which is Everydns (i'm a "premium" user) - I found
http://www.openspf.org/ .
Meanwhile i found this Wizard from Microsoft -
http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
but they mention SenderID, not SPF.
I understand the SPF record is actually a simple thing, but i'm afraid
of mangling the system (people go crazy without email). I find both
OpenSPF and Microsoft wizards to lack on proper guidance.
Another thing... after creating the SPF record, what else do i have to
do at the Exchange server? Anything at all?
I know there are SenderID tabs on Exchange server manament.
Here are some details, all help is highly appreciated.
Everything has been working properly, aside from the spam problem.
I use EveryDNS as DNS management tool.
Our internet connection at the office provides us with a dedicated ip:
196.69.69.69 .
Exchange currently manages email for three domains:
- domain1.com (default)
- domain2.com
- domain3.com
Currently we're sending all email via the Internet Provider server
(smtp.myisp1.com).
But we have sent directly via DNS before (and i may put it back that
way in the future).
There are some remote people who may be sending emails on our domains,
from home.
At their homes they will use their own Internet Providers. So i want
these to be accepted too as reliable email senders for the domains.
- smtp.otherisp1.com
- smtp.otherisp2.com
With these details, can anyone help me build a proper SPF record.
Regards.
.
- Follow-Ups:
- Re: SBS 2003: Protect Exchange against SPAM (how to?)
- From: ivan . radisson
- Re: SBS 2003: Protect Exchange against SPAM (how to?)
- References:
- SBS 2003: Protect Exchange against SPAM (how to?)
- From: ivan . radisson
- SBS 2003: Protect Exchange against SPAM (how to?)
- Prev by Date: Re: Some xp clients very slow to boot
- Next by Date: Re: SBS 2003 OS Drive Mirror
- Previous by thread: SBS 2003: Protect Exchange against SPAM (how to?)
- Next by thread: Re: SBS 2003: Protect Exchange against SPAM (how to?)
- Index(es):
Relevant Pages
|
