2

I have an Exchange 2007 SP2 server which happily accepts SMTP messages whose sender is SomeRandomString@mydomain.com and the recipient is SomeRealUser@mydomain.com; this leads to all sort of spoofing and spam.

Is there any way I can tell Exchange "reject all messages whose sender is in your authoritative SMTP domain but doesn't match any real address you have in the GAL"?

Massimo
  • 68,714
  • 56
  • 196
  • 319

2 Answers2

0

Absolutely, if you are using an edge transport server, otherwise you will need a 3rd party tool. We use a Cisco spam and virus blocker, which was relatively inexpensive, which provides this exact function.

geeklin
  • 518
  • 2
  • 10
  • Are you saying only an ET can filter out those messages? Can't a HT with anti-spam enabled do the same? – Massimo Sep 16 '09 at 18:55
  • Yes, just not by default. You would need to run the Install-AntisapmAgents.ps1 script. Then enable Recipient filtering and check the box that says Block Messages sent to recipients not listed in the Global Address list. – geeklin Sep 16 '09 at 19:13
  • That's not what I asked for; I don't want to block messages sent **to** fake **recipients**, I want to block messages sent **from** fake **senders**. – Massimo Sep 16 '09 at 19:15
  • Oh, yes. Sorry misunderstood. And that is a great post you found. – geeklin Sep 16 '09 at 20:21
0

Found the answer:

http://exchangepedia.com/blog/2008/09/how-to-prevent-annoying-spam-from-your.html

As usual, being able to set some flag like "block messages sent to recipients not listed in the GAL" would have been a lot easier... what Exchange 2007 certainly doesn't lack in power, it as much certainly does in admin-friendlyness :-/

Massimo
  • 68,714
  • 56
  • 196
  • 319
  • i know this is old, but we still have a working ex2007 and strangely enough that is almost literally the caption on the checkbox to enable this in Exchange 2007. it is in Hub Transport > Anti-Spam > Recipient Filtering. using SPF would also stop those. – Rostol Jun 03 '19 at 16:59