Home page logo

basics logo Security Basics mailing list archives

Re: Restricting Incoming Email in Exchange by From Address
From: Greg Jones <grjones () gmail com>
Date: Mon, 20 Jun 2005 19:02:54 -0400

Without explaining why, some of our employees require pop/imap access
to our exchange server from the Internet (they only need this for
receiving mail, and don't need smtp).   So when email from the
Internet comes in from a @mydomain.com address, I want to make sure
that whomever sent it is authenticated (using exchange), and reject
the traditional unauthenticated SMTP traffic when the From address is
a @mydomain.com address.  I will look at SPF more, but it seems to me
that what I'm trying to do should be pretty simple and effective.



On 6/20/05, Steve <securityfocus () delahunty com> wrote:
Not sure I follow on the first part.  Your users can connect to your
Exchange server via other clients like POP? If so, turn off POP/IMAP.  For
spoofing/phishing check out using reverse DNS lookups with Exchange and/or
SPF.  That will improve your overall email security.

----- Original Message -----
From: "Greg Jones" <grjones () gmail com>
To: <security-basics () securityfocus com>
Sent: Saturday, June 18, 2005 12:30 PM
Subject: Restricting Incoming Email in Exchange by From Address

In Exchange (any version), I would like to disallow email coming from
the Internet (smtp) that has a From address of my domain.  This would
force our employees to use OWA or Exchange (via VPN of course).  This
would help with phishing and worms that are fooling some of our
employees (e.g., emails from admin () mydomain com).  Is this possible?


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]