Exchange 2010 Prevent Authenticated Users From Sending Email From Any Address

Posted by Chance on Server Fault See other posts from Server Fault or by Chance
Published on 2012-11-26T20:03:28Z Indexed on 2012/11/26 23:07 UTC
Read the original article Hit count: 246

Filed under:

exchange

|

exchange-2010

I have recently been combating an SMTP AUTH attack in which one of my email accounts had been compromised and was being used to solicit spam. I have been able to identify the account and change the password however I would like to further restrict my exchange server. By default exchange 2010 allows for any authenticated user to specify any email address as the MAIL FROM address and it will accept it. Is there any way to restrict this so that only the authenticated account's email address will be able to be used as the MAIL FROM address? I have been looking through all ADPermissions for the SMTP connector however I can't find any documentation on how to accomplish this. Any suggestions would be greatly appreciated.

Telnet Test Picture

SMTP Connector Properties Pictures

Permissions Tab

© Server Fault or respective owner

Related posts about exchange

Upgrade Exchange 2003 to Exchange 2010 – Part II

as seen on Simple Talk - Search for 'Simple Talk'
In Jaap's second article on upgrading straight from Exchange Server 2003 to 2010, he explains how to move the various services from Exchange Server 2003 to Exchange Server 2010 and fully decommission the Exchange Server 2003 servers. >>> More
Upgrade Exchange 2003 to Exchange 2010

as seen on Simple Talk - Search for 'Simple Talk'
In this article, the first of two in which Jaap describes how to move from Exchange Server 2003 straight to Exchange Server 2010, he shows what is required before moving mailboxes from Exchange Server 2003 to Exchange Server 2010. He shows how to upgrade Active Directory, install both Exchange Server… >>> More
exchange server 2010 Outlook Web Access - Exchange Control Panel WEB Interface

as seen on Server Fault - Search for 'Server Fault'
from what i can gather the mailbox bit of the web interface works fine.. when any of the users go to options (top right) and try to use some of the features such as the Organise Mail Delivery Reports to find messages etc... it comes up with a message .. "An item with the same key has already been… >>> More
Backup multiple Exchange Accounts without direct access to exchange server

as seen on Server Fault - Search for 'Server Fault'
For e-mail, we use Microsoft Exchange and it is hosted by 1and1.com. We have about 30 Exchange accounts that I would like to backup to a PST file. That is, for each account that we have (all 30), I would like to create a single PST file (1.pst thru 30.pst). I do not have direct access to the Exchange… >>> More
when using exchange 2010 it complains of not talking to Information Store service on exchange 2007

as seen on Server Fault - Search for 'Server Fault'
I am attempting to do an upgrade in my org from exchange 2007 to exchange 2010. I moved all the mailboxes and made sure my certificates were setup in exchange 2010. I then changed my ip forwarding rules to forward mail to my exchange 2010 box. I can receive email. I then powered off my exchange 2007… >>> More

Related posts about exchange-2010

Exchange 2010 to Exchange 2010 Public Folder Replication

as seen on Server Fault - Search for 'Server Fault'
We have 2 exchange servers in our org. MX1 and MX2. I'm trying to replicate all MX1 public folders to MX2. I've setup replication for all the toplevel folders to include the MX2 server. However no public folders are being replicated. The event log does not show any errors. I've set the diagnostic… >>> More
when using exchange 2010 it complains of not talking to Information Store service on exchange 2007

as seen on Server Fault - Search for 'Server Fault'
I am attempting to do an upgrade in my org from exchange 2007 to exchange 2010. I moved all the mailboxes and made sure my certificates were setup in exchange 2010. I then changed my ip forwarding rules to forward mail to my exchange 2010 box. I can receive email. I then powered off my exchange 2007… >>> More
wildcard ssl certificate - exchange 2010 - POP/IMAP problem

as seen on Server Fault - Search for 'Server Fault'
previously we have requested a wildcard ssl certificate from godaddy for our major domain. one of the reasons was the new established exchange server 2010. usually you require following names included in certificiate: FQDN (e.g. mail.whatever.com) Hostname (mail) Domain name (whatever.com) Autodiscover… >>> More
Dual Exchange 2010 on different VM + single public IP + multiple domains

as seen on Server Fault - Search for 'Server Fault'
Here is the scenario: I have 2 Exchange Server 2010 on 2 different Virtual Machines, created by and based on Hyper-V. They have IP and domain: 192.168.5.11, domainA.com ; and 192.168.5.12, domainB.com respectively. The problem is, I only have 1 public IP, say 123.123.1.1 . How do I configure the… >>> More
Exchange 2007 to Exchange 2010

as seen on Server Fault - Search for 'Server Fault'
Hi all, I have a server with Exchange 2007 installed and I want to move over to Exchange 2010, I want to install Exchange 2010 onto a new server, what is the best way of moving all mailboxes and config over to the new Exchange 2010 server? Both would be on the same LAN in the same domain. I've yet… >>> More