General discussion

Locked

How to prevent Mail Spoofing

By stergios_nik ·
Hello.

I have an Exchange 5.5 server and I created a distribution list "list1".

The "delivering restrictions" settings of Exchange 5.5 allow me to configure that only myaccount@somewhere.com can send email to list1 and nobody else.

But, the problem is that someone can spoof the email address myaccount@somewhere.com and to succeed in sending email to list1.

Any ideas how can I prevent this from happening?

Thank you in advance.

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by ctrservices In reply to How to prevent Mail Spoof ...

You have probably seen the first two of the following links, but I'm sending them on just in case. http://www.microsoft.com/technet/security/Bulletin/MS05-029.mspx

http://support.microsoft.com/?id=836500

http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=7696&DisplayTab=Article

Collapse -

by stergios_nik In reply to

Poster rated this answer.

Collapse -

by zaferus In reply to How to prevent Mail Spoof ...

Everyone seems to reject my answers when it's not what they want to hear - but here it is:

You can prevent relaying, or people using your E-mail server to sent out messages on their behalf. But you cannot stop spoofing.

If E-mail spoofing could be blocked, spam and viruses would drop to less than 1% of what they are now. But the problem is I could send out 10 million E-mails with the subject line "Get with the program, use Linux!" and make it look like it was sent from bgates@microsoft.com.

This is why it's hard to backtrack E-mail viruses and spam, because they don't use their real E-mail addresses and there is no verification process in E-mail yet to prevent spoofing.

Now, you CAN address the issue by making people use digital certificates, and only those with the proper certificate can E-mail the server. Or if an E-mail hit the group without a certificate everyone would know it was spoofed. If there is only a handful of people involved this could work for you.

-Z

Collapse -

by zaferus In reply to

MinAZ is correct, and maybe I'm assuming that this list has at least some external address participants. If you have internal only by blocking relays and removing SMTP you should be able to prevent unauthorized posting within this distro.

If the security of this is really important, perhaps you should consider using encryption of the mail as well and have only the valid recipients with the "key" to view it. This will prevent people from "viewing" the mail going across the wire if you are concerned about internal security as well.

Collapse -

by stergios_nik In reply to

Poster rated this answer.

Collapse -

by Ziskey In reply to How to prevent Mail Spoof ...

The "delivery restriction" tab allows you to select a domain account. If you use a domain account that has the SMTP address removed, no one from the outside would be able to spoof the account.

Collapse -

by stergios_nik In reply to

Poster rated this answer.

Collapse -

by stergios_nik In reply to How to prevent Mail Spoof ...

This question was closed by the author

Back to Software Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums