mailing list archives
RE: Restricting Incoming Email in Exchange by From Address
From: "L. Walker" <lwalker () magi net au>
Date: Tue, 21 Jun 2005 19:57:19 +1000
I think what he may mean is that he has an Exchange box setup inside his
LAN, with an Internet-facing side as well, and that he wants to force users
inside his organisation to utilise OWA...
A better approach would be to instruct your firewall's ACL to block port
110/tcp completely.. As for OWA via VPN, why not just HTTPS? Less hassle,
less software configuration per client-side.
(Maybe I've got it all wrong :P)
- L. Walker
From: Steve [mailto:securityfocus () delahunty com]
Sent: Tuesday, 21 June 2005 6:40 AM
To: Greg Jones; security-basics () securityfocus com
Subject: Re: Restricting Incoming Email in Exchange by From Address
Not sure I follow on the first part. Your users can connect to your
Exchange server via other clients like POP? If so, turn off POP/IMAP. For
spoofing/phishing check out using reverse DNS lookups with Exchange and/or
SPF. That will improve your overall email security.
----- Original Message -----
From: "Greg Jones" <grjones () gmail com>
To: <security-basics () securityfocus com>
Sent: Saturday, June 18, 2005 12:30 PM
Subject: Restricting Incoming Email in Exchange by From Address
In Exchange (any version), I would like to disallow email coming from
the Internet (smtp) that has a From address of my domain. This would
force our employees to use OWA or Exchange (via VPN of course). This
would help with phishing and worms that are fooling some of our
employees (e.g., emails from admin () mydomain com). Is this possible?