• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Reverse DNS Lookup - SPAM Problem

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2003] >> Installation >> Reverse DNS Lookup - SPAM Problem Page: [1]
Login
Message << Older Topic   Newer Topic >>
Reverse DNS Lookup - SPAM Problem - 11.May2011 10:39:32 AM   
stantheman

 

Posts: 42
Joined: 15.Dec.2004
From: Cardiff, Wales
Status: offline
Our mail environment is Exchange 2003 on Windows Server 2003 in a FE-BE scenario. We currently use Sophos Puremessage on our FE Exchange server for SPAM filtering.

Certain members of staff have been receiving a lot of SPAM purporting to come from within our organisation. In one instance a user received an email from herself selling discount watches. Looking at the header information it is apparent that these emails are coming from outside our organisation.

I know you can configure Reverse DNS lookup within Exchange 2003 as per http://support.microsoft.com/kb/297412 but this doesn’t drop the connections for unsolicited mail – it merely changes the message header so that "RDNS failed" appears in the RECEIVED header of the message.

Is there a way to drop the connection if the Reverse DNS detects that it is s spoofed email sent from an unauthorised server ?

Post #: 1
RE: Reverse DNS Lookup - SPAM Problem - 24.May2011 12:21:59 AM   
uemurad

 

Posts: 8232
Joined: 7.Jan.2004
From: California, USA
Status: offline
It is common to block external messages with your own domain name as the sender.  That's because since all of yourdomain.com belongs inside your organization, it shouldn't be coming from outside your organization.

_____________________________

Regards,

Dean T. Uemura
Microsoft MVP - Exchange (2007-2011)
exchangeguy.blogspot.com
uemurad@yahoo.com

(in reply to stantheman)
Post #: 2
RE: Reverse DNS Lookup - SPAM Problem - 24.May2011 4:06:31 AM   
stantheman

 

Posts: 42
Joined: 15.Dec.2004
From: Cardiff, Wales
Status: offline
Thanks for your reply but it doesn't really solve our problem - how do you stop email coming from somewhere that it didn't originate from - I can telnet to our mail server and send it a message as if it is coming from anywhere I like (including our own domain).

As I said configuring the Reverse DNS doesn’t drop the connections for unsolicited mail – it merely changes the message header so that "RDNS failed" appears in the RECEIVED header of the message.

(in reply to uemurad)
Post #: 3
RE: Reverse DNS Lookup - SPAM Problem - 12.Jul.2011 1:42:55 PM   
bkirkinc

 

Posts: 1
Joined: 12.Jul.2011
Status: offline
A real-time block list (RBL) is a method of stopping spammers from being able to send out large quantities of distasteful spam. A real-time block list is managed and maintained by an organization (company, non-profit, or volunteers) who track spam activity and create a list of known violators. Violations can include SMTP configurations to being caught sending spam. Once you are on their list, you can typically request removal. Some site will publish email addresses and all messages received to that email address is spam.
When a computer connects to your Exchange server, Exchange will query the specified real-time block list. If the address is on that list, Exchange will generate an error and refuse the message. The server that was trying to send the spam is then responsible to generate a non-delivery report and send it the sender. This will eventually lock up the sending server until their open relay is detected and resolved.
For a list of real-time block lists, please refer to the Wikipedia article:
http://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists
Setup The process is the same for Exchange 2008 and Exchange 2010.
To setup a RBL, open Exchange Management Console – the GUI, and under Organization Configuration select Hub Transport. Select the Anti-Spam tab and right click IP Block List Providers selecting Properties.


Shawn Z.
http://www.internetworkconsulting.net

(in reply to stantheman)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2003] >> Installation >> Reverse DNS Lookup - SPAM Problem Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter