0

I have exchange 2010. If I go to https://emkei.cz/ and send an email by entering an email address that exists on my exchange server in the "from" box and send it to my gmail address, My exchange server goes ahead and sends the email. Gmail blocks it because its spoofed. Here is the deliverable message I got in my inbox from Gmail. Email sent to Gmail

If I use this spoofing website to send an internal email, lets say from my co-worker to myself it arrives safely in my inbox. I have looked through my send and receive connectors and cannot find a way to stop this.

enter image description here

veel84
  • 288
  • 1
  • 6
  • 14

1 Answers1

1

Get-ReceiveConnector "SomeConnector" | Get-ADPermission -User "NT AUTHORITY\Anonymous Logon" | Where-Object {$_.ExtendedRights -like "ms-exch-smtp-accept-authoritative-domain-sender"} | Remove-ADPermission

SomeConnector should be replaced by all connectors that allow unauthenticated clients beyond your control (i.e. every internet connector but not those used for scanners, ...).

PaterSiul
  • 246
  • 1
  • 6
  • just in case something breaks i can run the same command with Add-ADPermission correct? – veel84 May 17 '17 at 18:24
  • You should. Use `Get-ReceiveConnector "SomeConnector" | Add-ADPermission -User "NT AUTHORITY\Anonymous Logon" -AccessRights ExtendedRight -ExtendedRights "ms-exch-smtp-accept-authoritative-domain-sender` – PaterSiul May 17 '17 at 18:36
  • ok great, some are still getting through depending on which email address I spoof. Is there something else I should check? – veel84 May 17 '17 at 19:25
  • Hmm. Maybe you missed a connector? You could also check if your domains are set as authoritative. – PaterSiul May 17 '17 at 19:31
  • I have another connector that is set to recieve email for the internet, although its for port 587, the permissions groups tab only has "exchange users" checked. All my domains are authoritative. – veel84 May 17 '17 at 19:34
  • That connector sounds OK. – PaterSiul May 17 '17 at 19:53
  • Looks like the anonymous logons have stopped. Thanks, found this great link that provides the same info you gave me. https://smtpport25.wordpress.com/2011/02/10/configure-anonymous-relay-on-exchange-200710-receive-connectors/#comments – veel84 May 18 '17 at 12:33