Reverse DNS lookup with exchange?

Discussion in 'Windows Small Business Server' started by clevere, Jul 15, 2004.

  1. clevere

    clevere Guest

    I've started receiving spam at my exchange server.. Not alot mind you, but a
    little. I was wondering, what is the best way to setup the exchange server
    to accept email only from email servers that pass a reverse DNS lookup?
     
    clevere, Jul 15, 2004
    #1
    1. Advertisements

  2. Hi,
    Exchange does not support blocking based on reverse lookups, you can enable
    Exchange to force a reverse lookup, but if it fails it is only going to slow
    down the connection and nothing else.

    Exchange 2003 offers other ways to combat SPAM.
    You can check the Intelligent Message Filter for example:
    http://www.microsoft.com/exchange/downloads/2003/imf/default.asp

    Other feature include recipient filtering where you only accept emails for
    users on your local server, connection filtering where you can configure
    Exchange to perform a check against one of the black lists available on the
    Internet (this is managed by external entities and the servers they list may
    or may not be correct), or you can check some third party products that are
    available that will perform additional filtering, some of them have freeware
    editions. An MVP should be able to provide you more details on that third
    party software and their experiences with it.

    Regards,
    Damian

    --
    Damian N. Leibaschoff, MS IST, MCSE
    Microsoft Corporation

    Get Secure! - www.microsoft.com/security

    =====================================================

    When responding to posts, please "Reply to Group" via

    your newsreader so that others may learn and benefit

    from your issue.

    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Damian N Leibaschoff [MSFT], Jul 15, 2004
    #2
    1. Advertisements

  3. clevere

    clevere Guest

    Thanks Damien. Does the IMF work pretty good? (My hotmail account still
    get's alot of junk email :p ). The only user on the entire SBS box getting
    spam is me, and I don't use the account for anything but email within the
    company. I use hotmail and yahoo! for anything I've signed up for, so I am
    quite baffled by why I am getting the spam.
     
    clevere, Jul 15, 2004
    #3
  4. Hi,

    Sometimes spam/UCE senders use brute force to find valid email accounts on
    your domain.
    The IMF has been working pretty well for me on my own server and I am using
    a threshold of 7.

    Other people may also have their own experiences to share.

    Regards,
    Damian

    --
    Damian N. Leibaschoff, MS IST, MCSE
    Microsoft Corporation

    Get Secure! - www.microsoft.com/security

    =====================================================

    When responding to posts, please "Reply to Group" via

    your newsreader so that others may learn and benefit

    from your issue.

    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Damian N Leibaschoff [MSFT], Jul 15, 2004
    #4
  5. clevere

    clevere Guest

    Thanks for the info Damian. I've installed IMF and I'll try it out and see
    how things go. By the way, the documenation for this thing kind of sucks :)
     
    clevere, Jul 16, 2004
    #5
  6. Your isp populates those reverse dns entries in their dns servers.
    Just give them a call stating that you want a reverse dns entry for
    your mail server.


    I have never heard of a reverse ndr.

    Jim B. SBS MVP
    remove the mvp to send email
     
    Jim Behning SBS MVP, Aug 4, 2004
    #6
  7. Reverse NDR is basically me sending an email to your server where I know the
    local user does not exist with the end goal of getting your server to NDR
    the email back to the original sender, on that case a fake sender or the
    sender I want to get that email to (the NDR and hopefully the payload). This
    will potentially cause a lot of email to be sent out of your sever without
    it being an open relay.

    Regards,
    Damian

    --
    Damian N. Leibaschoff, MS IST, MCSE
    Microsoft Corporation

    Get Secure! - www.microsoft.com/security

    =====================================================

    When responding to posts, please "Reply to Group" via

    your newsreader so that others may learn and benefit

    from your issue.

    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Damian N Leibaschoff [MSFT], Aug 5, 2004
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.