HOW TO ;Prevent a…
来源:互联网 发布:手机淘宝复制粘贴不了 编辑:程序博客网 时间:2024/06/05 05:54
One of themore annoying types of spam is the one that seems to be coming fromyour own domain; or worse— from your own email address! Of course,users from your own domain don’t generally spam each other— unlessyou’re using one of the free web-based email services. And most ofus don’t spam ourselves.
Obviously, thisis coming from a spammer who has spoofed your email address, orthat of someone else from your domain.Unfortunately,
In ExchangeServer 2007,
You may haveremote POP3/IMAP4 users who use SMTP to send mail. However, suchsessions should be authenticated, and preferably use a separateReceive Connector.
Thanks to theextensive
Use the followingcommand to remove the
Get-ReceiveConnector “My Internet ReceiveConnector” |Get-ADPermission -user “NT AUTHORITY\Anonymous Logon” | where{$_.ExtendedRights -like“ms-exch-smtp-accept-authoritative-domain-sender”} |Remove-ADPermission
Once thispermission is removed, when anonymous senders try to submit mailusing your Accepted Domain(s), here’s how the SMTP conversationgoes:
220 E12Postcard.e12labs.com Microsoft ESMTP MAIL Service ready atWed, 3 Sep 2008 06:22:43 -0700
helo
250 E12Postcard.e12labs.com Hello [172.31.0.170]
mailfrom:jadams@e12labs.com
5505.7.1 Client does not have permissions to send as thissender
Exchange stoppedspoofing of P1/envelope headers. Let’s continue the session and tryto spoof the P2 headers
mailfrom:someone@someotherdomain.com
250 2.1.0 Sender OK
rcpt to:jadams@e12labs.com
250 2.1.5 Recipient OK
data
354 Start mail input; end with
from:jadams@e12labs.com
subject: Header spoofing
This is how wespoof headers, spoof headers.
.
5505.7.1 Client does not have permissions to send as thissender
quit
221 2.0.0 Service closing transmission channel
As you can see,removing the
Whennot to remove the permission?
Is there a scenario where one should not removethe
But you do havethese internal/trusted hosts submitting to a separate ReceiveConnector, don’t you?
- HOW TO ;Prevent a…
- How to prevent resizing of views in a splitter window
- How to prevent subsequent initialization in Android
- How to prevent object bloat in PostgreSQL
- How to Prevent Silent Data Corruption
- a method to prevent double click
- How to prevent from writing into USB drive by GPO
- how to prevent ZFS from eating too much memory
- How To: Prevent Cross-Site Scripting in ASP.NET
- How to prevent LUA scripts that block your program
- How to Prevent SQL Injection Attack (Explained with an Example)
- How to Prevent Denial of Service(DOS) Attacks
- How to prevent crash when selecting specific contact using AdressBookUI
- tomcat启动时报to prevent a memory leak
- Dropout: A Simple Way to Prevent Neural Networks from Overfitting
- Dropout:A Simple Way to Prevent Neural Networks from Overfitting
- how to prevent hadoop job to fail on corrupted input file
- How to allow new records to be inserted, but prevent existing data from being edited
- Exchange OAB(脱机通讯簿)详解
- 思科设备snmp打开方法
- Android之Service
- Exchange 2010安装完的简单配…
- Exchange 2010 的安装与…
- HOW TO ;Prevent a…
- poj1486(二分图匹配)
- Telnet到端口25以测试smtp通信_exc…
- 你不可不知的HTML优化技巧
- exchange 2010 relay设定
- 配置Exchange Server 20…
- HttpServletRequest和ServletRequest的区别
- 加上日期处理的,这样可以增量备份
- 设计模式(七)装饰模式