Security Basics mailing list archives
RE: Restricting Incoming Email in Exchange by From Address
From: "Tim Hayes" <morphieus () earthlink net>
Date: Wed, 29 Jun 2005 13:04:23 -0700
I understand wanting to limit the availability to send unencrypted email across the internet but unless you are setting up your imap/pop accounts with SSL you won't be resolving anything. You can setup recipient filter in the global policy and then apply this filter in the advanced interface properties of you SMTP virtual server. Unless you have a front end server with a dedicated SMTP connector, you may need to create an additional internal SMTP connector listening on another IP to allow systems management email to be distributed internally. An explaination of your messaging topology would be really helpful Regards, Tim -----Original Message----- From: Greg Jones [mailto:grjones () gmail com] Sent: Friday, June 24, 2005 11:06 AM To: Gaddis, Jeremy L. Cc: security-basics () securityfocus com Subject: Re: Restricting Incoming Email in Exchange by From Address That's exactly it. The Brandon Lockhart email was good (using sendmail or qmail gateway to block it there). But I wonder if this is possible in Exchange. Greg On 6/22/05, Gaddis, Jeremy L. <jlgaddis () ivytech edu> wrote:
I think some of you may be misunderstanding what the OP is wanting. To clarify, I believe he wants to configure Exchange so that it will not accept mail from outside servers that say it's from hisdomain.com. I could be wrong here, but that's what I gathered. This would force users to send e-mail directly through the Exchange server (either via Outlook or OWA). A user with a 3rd-party mail client connecting to 25/TCP from home would not be able to send e-mail to an Exchange recipient with a From: address of their work domain. -j -- Jeremy L. Gaddis <jlgaddis () ivytech edu> Special Projects Manager Computer & Technology Services Ivy Tech State College, Bloomington 812.330.6156 (w) 812.797.6176 (m) -----Original Message----- From: Dan Denton [mailto:ddenton () PAYLESSOFFICE com] Sent: Tuesday, June 21, 2005 10:31 AM To: Greg Jones; Steve Cc: security-basics () securityfocus com Subject: RE: Restricting Incoming Email in Exchange by From Address No additional security checking is involved here, but why not use the Exchange General/Delivery Restrictions screen (Under user properties in AD) to limit who the user can receive email from? Domain or Proxy server authentication to an OWA server should take care of the authentication issue. -----Original Message----- From: Greg Jones [mailto:grjones () gmail com] Sent: Monday, June 20, 2005 6:03 PM To: Steve Cc: security-basics () securityfocus com Subject: Re: Restricting Incoming Email in Exchange by From Address Without explaining why, some of our employees require pop/imap access to our exchange server from the Internet (they only need this for receiving mail, and don't need smtp). So when email from the Internet comes in from a @mydomain.com address, I want to make sure that whomever sent it is authenticated (using exchange), and reject the traditional unauthenticated SMTP traffic when the From address is a @mydomain.com address. I will look at SPF more, but it seems to me that what I'm trying to do should be pretty simple and effective. Thanks Greg On 6/20/05, Steve <securityfocus () delahunty com> wrote:Not sure I follow on the first part. Your users can connect to your Exchange server via other clients like POP? If so, turn off POP/IMAP.For spoofing/phishing check out using reverse DNS lookups with Exchange and/or SPF. That will improve your overall email security. STEVE ----- Original Message ----- From: "Greg Jones" <grjones () gmail com> To: <security-basics () securityfocus com> Sent: Saturday, June 18, 2005 12:30 PM Subject: Restricting Incoming Email in Exchange by From Address In Exchange (any version), I would like to disallow email coming from the Internet (smtp) that has a From address of my domain. This would force our employees to use OWA or Exchange (via VPN of course). This would help with phishing and worms that are fooling some of our employees (e.g., emails from admin () mydomain com). Is this
possible?
Greg
Current thread:
- Restricting Incoming Email in Exchange by From Address Greg Jones (Jun 20)
- Re: Restricting Incoming Email in Exchange by From Address Steve (Jun 20)
- Re: Restricting Incoming Email in Exchange by From Address Greg Jones (Jun 21)
- RE: Restricting Incoming Email in Exchange by From Address L. Walker (Jun 21)
- <Possible follow-ups>
- RE: Restricting Incoming Email in Exchange by From Address Dan Denton (Jun 22)
- RE: Restricting Incoming Email in Exchange by From Address Gaddis, Jeremy L. (Jun 24)
- RE: Restricting Incoming Email in Exchange by From Address Subscription (Jun 27)
- Re: Restricting Incoming Email in Exchange by From Address Greg Jones (Jun 27)
- RE: Restricting Incoming Email in Exchange by From Address Tim Hayes (Jun 30)
- Message not available
- Re: Restricting Incoming Email in Exchange by From Address Greg Jones (Jun 30)
- Re: Restricting Incoming Email in Exchange by From Address Steve (Jun 20)