|
Home > Archive > IIS and SMTP > January 2004 > Reverse DNS
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Jeremy A 2004-01-24, 2:06 am |
| I wanted to prevent my domain from being spoofed. I setup
Exchange to do a reverse DNS lookup on all inbound
traffic. However, I later found out that this doesn't
stop the email from coming in..just puts unverified in the
header portion of the email.
My question is, is there a way to block unverified email?
And are there any complications that come along with this?
Thanks
| |
| Darin Roulston [MSFT] 2004-01-24, 2:06 am |
| Yes there is a way to force Exchange 2000 to do reverse DNS lookups on all
inbound connections and deny them if they don't exist. The downside is many
folks out there that are trying to send you legitimate mail will be excluded
if they don't have a PTR record (which a lot still don't but should). It is
also an expensive operation in that your server has more work in resolving
every inbound connection back to a name using DNS. To do this go to the
properties of the SMTP virtual server. On the access tab click the
connections button. Click Add then click the Domain button and add a domain,
it doesn't matter what domain, just keep in mind that whatever domain you
pick will be blocked. You'll notice that you'll get a popup stating that it
will perform a reverse lookup on each connection and are you sure you want
to do it.
--
Darin Roulston
Microsoft PSS
Please do not send e-mail directly to this alias. This alias is for
newsgroup purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights
"Jeremy A" <toast445@yahoo.com> wrote in message
news:222b01c3e119$cdd97b40$a101280a@phx.gbl...quote:
> I wanted to prevent my domain from being spoofed. I setup
> Exchange to do a reverse DNS lookup on all inbound
> traffic. However, I later found out that this doesn't
> stop the email from coming in..just puts unverified in the
> header portion of the email.
>
> My question is, is there a way to block unverified email?
> And are there any complications that come along with this?
>
> Thanks
| |
| Jeremy Alsman 2004-01-24, 2:06 am |
| Sounds logical. Then my followup question would be how do
you prevent spoofing, if you aren't to block these senders?
I am getting a lot of email addresses sent externally to
internal clients, however these messages have my domain
appended to the from address. Thanks a lot.
quote:
>-----Original Message-----
>Yes there is a way to force Exchange 2000 to do reverse
DNS lookups on allquote:
>inbound connections and deny them if they don't exist.
The downside is manyquote:
>folks out there that are trying to send you legitimate
mail will be excludedquote:
>if they don't have a PTR record (which a lot still don't
but should). It isquote:
>also an expensive operation in that your server has more
work in resolvingquote:
>every inbound connection back to a name using DNS. To do
this go to thequote:
>properties of the SMTP virtual server. On the access tab
click thequote:
>connections button. Click Add then click the Domain
button and add a domain,quote:
>it doesn't matter what domain, just keep in mind that
whatever domain youquote:
>pick will be blocked. You'll notice that you'll get a
popup stating that itquote:
>will perform a reverse lookup on each connection and are
you sure you wantquote:
>to do it.
>
>--
>Darin Roulston
>Microsoft PSS
>
>Please do not send e-mail directly to this alias. This
alias is forquote:
>newsgroup purposes only.
>
>This posting is provided "AS IS" with no warranties, and
confers no rightsquote:
>"Jeremy A" <toast445@yahoo.com> wrote in message
>news:222b01c3e119$cdd97b40$a101280a@phx.gbl...
setup[QUOTE][color=darkred]
the[QUOTE][color=darkred]
email?[QUOTE][color=darkred]
this?[QUOTE][color=darkred]
>
>
>.
>
| |
| Darin Roulston [MSFT] 2004-01-24, 2:06 am |
| In your situation is mail being sent to your Exchange 2000 server from the
outside and someone is spoofing and internal user as being the sender or are
other outside mail users reporting mail that came from you which you didn't
send? Because of the anonymous connection nature of SMTP mail it is very
easy to spoof a sender. It's very similar in nature to snail mail, you can
send a letter to anyone and say it's from anyone since it's anonymous and
therefore hard to combat. However in the first situation I described where
mail is sent from the outside to an internal user and the sender spoofs an
internal person as sending the mail there is a defence in Exchange 2000.
There is regkey you can set on your bridgehead SMTP servers that will cause
mail that comes from the outside to have the From address displayed in SMTP
format (i.e. user@domain.com) even if the sender is internal to your
organization. Internal mail will have the From address as the display name.
This will let your users know which mail came from the Internet and which
mail came from internal users. See
http://support.microsoft.com/defaul...KB;EN-US;288635 for more
information on this. Is this your situation, if not please rephrase.
Thanks,
Darin
--
Darin Roulston
Microsoft PSS
Please do not send e-mail directly to this alias. This alias is for
newsgroup purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights
"Jeremy Alsman" <anonymous@discussions.microsoft.com> wrote in message
news:29d801c3e121$0d170a50$a401280a@phx.gbl...[QUOTE][color=darkred]
> Sounds logical. Then my followup question would be how do
> you prevent spoofing, if you aren't to block these senders?
>
> I am getting a lot of email addresses sent externally to
> internal clients, however these messages have my domain
> appended to the from address. Thanks a lot.
>
>
>
> DNS lookups on all
> The downside is many
> mail will be excluded
> but should). It is
> work in resolving
> this go to the
> click the
> button and add a domain,
> whatever domain you
> popup stating that it
> you sure you want
> alias is for
> confers no rights
> setup
> the
> email?
> this?
| |
|
| The first one is my situation..I'll look at the
article..Thanks a lot.
quote:
>-----Original Message-----
>In your situation is mail being sent to your Exchange
2000 server from thequote:
>outside and someone is spoofing and internal user as
being the sender or arequote:
>other outside mail users reporting mail that came from
you which you didn'tquote:
>send? Because of the anonymous connection nature of SMTP
mail it is veryquote:
>easy to spoof a sender. It's very similar in nature to
snail mail, you canquote:
>send a letter to anyone and say it's from anyone since
it's anonymous andquote:
>therefore hard to combat. However in the first situation
I described wherequote:
>mail is sent from the outside to an internal user and the
sender spoofs anquote:
>internal person as sending the mail there is a defence in
Exchange 2000.quote:
>There is regkey you can set on your bridgehead SMTP
servers that will causequote:
>mail that comes from the outside to have the From address
displayed in SMTPquote:
>format (i.e. user@domain.com) even if the sender is
internal to yourquote:
>organization. Internal mail will have the From address as
the display name.quote:
>This will let your users know which mail came from the
Internet and whichquote:
>mail came from internal users. See
>http://support.microsoft.com/default.aspx?scid=KB;EN-
US;288635 for morequote:
>information on this. Is this your situation, if not
please rephrase.quote:
>
>Thanks,
>Darin
>
>--
>Darin Roulston
>Microsoft PSS
>
>Please do not send e-mail directly to this alias. This
alias is forquote:
>newsgroup purposes only.
>
>This posting is provided "AS IS" with no warranties, and
confers no rightsquote:
>"Jeremy Alsman" <anonymous@discussions.microsoft.com>
wrote in messagequote:
>news:29d801c3e121$0d170a50$a401280a@phx.gbl...
do[QUOTE][color=darkred]
senders?[QUOTE][color=darkred]
don't[QUOTE][color=darkred]
more[QUOTE][color=darkred]
do[QUOTE][color=darkred]
tab[QUOTE][color=darkred]
are[QUOTE][color=darkred]
and[QUOTE][color=darkred]
doesn't[QUOTE][color=darkred]
in[QUOTE][color=darkred]
>
>
>.
>
| |
| Jeremy Alsman 2004-01-28, 5:38 am |
| I tried doing this. When I open the message it displays
the smtp address of the sender.. Is there anyways to get
this to show up right in outlook, withouth having to open
the message?quote:
>-----Original Message-----
>The first one is my situation..I'll look at the
>article..Thanks a lot.
>
>
>
>2000 server from the
>being the sender or are
>you which you didn't
>mail it is very
>snail mail, you can
>it's anonymous and
>I described where
the[QUOTE][color=darkred]
>sender spoofs an
in[QUOTE][color=darkred]
>Exchange 2000.
>servers that will cause
address[QUOTE][color=darkred]
>displayed in SMTP
>internal to your
as[QUOTE][color=darkred]
>the display name.
>Internet and which
>US;288635 for more
>please rephrase.
>alias is for
>confers no rights
>wrote in message
how[QUOTE][color=darkred]
>do
>senders?
to[QUOTE][color=darkred]
reverse[QUOTE][color=darkred]
>don't
>more
To[QUOTE][color=darkred]
>do
>tab
>are
>and
>doesn't
>in
>.
>
|
|
|
|
|