Exchange 2010 Prevent Authenticated Users From Sending Email From Any Address

Posted by Chance on Server Fault See other posts from Server Fault or by Chance
Published on 2012-11-26T20:03:28Z Indexed on 2012/11/26 23:07 UTC
Read the original article Hit count: 183

Filed under:
|

I have recently been combating an SMTP AUTH attack in which one of my email accounts had been compromised and was being used to solicit spam. I have been able to identify the account and change the password however I would like to further restrict my exchange server. By default exchange 2010 allows for any authenticated user to specify any email address as the MAIL FROM address and it will accept it. Is there any way to restrict this so that only the authenticated account's email address will be able to be used as the MAIL FROM address? I have been looking through all ADPermissions for the SMTP connector however I can't find any documentation on how to accomplish this. Any suggestions would be greatly appreciated.

Telnet Test Picture

Telnet Test

SMTP Connector Properties Pictures

Permissions Tab

© Server Fault or respective owner

Related posts about exchange

Related posts about exchange-2010