• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

How to prevent spoofing?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2003] >> Server Security >> How to prevent spoofing? Page: [1]
Login
Message << Older Topic   Newer Topic >>
How to prevent spoofing? - 1.Aug.2011 9:33:25 AM   
sjurick

 

Posts: 2
Joined: 2.Jun.2011
Status: offline 		Using MS Server 2003 and Exchange 2003 - I have started getting emails that are appearing to be sent from an internal address in our AD (webmaster). The subject contains (webmaster@ourdomain.com) along with other verbiage, and the Sender field has names like Viagra.com [webmaster@ourdomain.com].

We have GFI MailEssentials installed on this server however I don't believe I can blacklist my own domain in there and we use this address for other things.

Are there some things I can look at in the SMTP connector or something? I've done a few things like Disable Basic Authentication, and Enable Perform reverse DNS lookup.

I know there are hundreds of settings and I don't want to break anything.

Thanks,
Steve
Post #: 1
RE: How to prevent spoofing? - 1.Aug.2011 9:42:10 AM   
mark@mvps.org

 

Posts: 6812
Joined: 9.Jun.2004
From: Philadelphia PA
Status: offline 		The right thing to do is to get your MailEssentials updated so that the messages are pulled out. I understand your current thing is that you are seeing messages from your own domain but what about tomorrow? They'll be coming from my domain or your home domain. What then?

In fact you can, in Exchange 2003, block your own domain on your own server. In 2003 you could do this because there was an abstraction between messages coming in from the Internet and messages flying around internally.

Unfortunately the article I published seven years ago is probably long, long gone. I am pretty certain that it was in Global Settings in ESM though.

But, best have MailEssentials take care of things. You paid money for it, have it work properly.

_____________________________

Mark Arnold (Exchange MVP)
List Moderator

(in reply to sjurick)
Post #: 2
RE: How to prevent spoofing? - 3.Aug.2011 3:14:04 PM   
Neko

 

Posts: 2077
Joined: 11.Nov.2008
From: The Netherlands
Status: offline 		Also take into account that mailaddresses can be spoofed. Which means it might originate from a different server, and not yours. Do not take the sender-address at face-value.

_____________________________

I reject your reality, and substitute my own - Adam Savage

(in reply to mark@mvps.org)
Post #: 3
RE: How to prevent spoofing? - 6.Oct.2011 7:13:03 AM   
johnmerchant

 

Posts: 23
Joined: 14.Sep.2011
Status: offline 		Hi,
Top way to prevent spoofing:-
1.Blind spoofing
2.Nonblind spoofing
3.Denial-of-service attack
4.Man-in-the-middle attack
_____________
SEO Limerick

(in reply to Neko)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2003] >> Server Security >> How to prevent spoofing? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter