Re: Restricting Incoming Email in Exchange by From Address

[Greg Jones <grjones () gmail com>]

That's exactly it.  The Brandon Lockhart email was good (using
sendmail or qmail gateway to block it there).  But I wonder if this is
possible in Exchange.

Greg

On 6/22/05, Gaddis, Jeremy L. <jlgaddis () ivytech edu> wrote:
> I think some of you may be misunderstanding what the OP is wanting.
>
> To clarify, I believe he wants to configure Exchange so that it will not
> accept mail from outside servers that say it's from hisdomain.com.  I could
> be wrong here, but that's what I gathered.  This would force users to send
> e-mail directly through the Exchange server (either via Outlook or OWA).  A
> user with a 3rd-party mail client connecting to 25/TCP from home would not
> be able to send e-mail to an Exchange recipient with a From: address of
> their work domain.
>
> -j
>
> --
> Jeremy L. Gaddis   <jlgaddis () ivytech edu>
> Special Projects Manager
> Computer & Technology Services
> Ivy Tech State College, Bloomington
> 812.330.6156 (w)   812.797.6176 (m)
>
>
> -----Original Message-----
> From: Dan Denton [mailto:ddenton () PAYLESSOFFICE com]
> Sent: Tuesday, June 21, 2005 10:31 AM
> To: Greg Jones; Steve
> Cc: security-basics () securityfocus com
> Subject: RE: Restricting Incoming Email in Exchange by From Address
>
> No additional security checking is involved here, but why not use the
> Exchange General/Delivery Restrictions screen (Under user properties in
> AD) to limit who the user can receive email from? Domain or Proxy server
> authentication to an OWA server should take care of the authentication
> issue.
>
> -----Original Message-----
> From: Greg Jones [mailto:grjones () gmail com]
> Sent: Monday, June 20, 2005 6:03 PM
> To: Steve
> Cc: security-basics () securityfocus com
> Subject: Re: Restricting Incoming Email in Exchange by From Address
>
>
> Without explaining why, some of our employees require pop/imap access to
> our exchange server from the Internet (they only need this for
> receiving mail, and don't need smtp).   So when email from the
> Internet comes in from a @mydomain.com address, I want to make sure that
> whomever sent it is authenticated (using exchange), and reject the
> traditional unauthenticated SMTP traffic when the From address is a
> @mydomain.com address.  I will look at SPF more, but it seems to me that
> what I'm trying to do should be pretty simple and effective.
>
> Thanks
>
> Greg
>
> On 6/20/05, Steve <securityfocus () delahunty com> wrote:
> > Not sure I follow on the first part.  Your users can connect to your
> > Exchange server via other clients like POP? If so, turn off POP/IMAP.
>
> > For spoofing/phishing check out using reverse DNS lookups with
> > Exchange and/or SPF.  That will improve your overall email security.
> >
> > STEVE
> > ----- Original Message -----
> > From: "Greg Jones" <grjones () gmail com>
> > To: <security-basics () securityfocus com>
> > Sent: Saturday, June 18, 2005 12:30 PM
> > Subject: Restricting Incoming Email in Exchange by From Address
> >
> >
> > In Exchange (any version), I would like to disallow email coming from
> > the Internet (smtp) that has a From address of my domain.  This would
> > force our employees to use OWA or Exchange (via VPN of course).  This
> > would help with phishing and worms that are fooling some of our
> > employees (e.g., emails from admin () mydomain com).  Is this possible?
> >
> >  Greg