Sunday, November 10, 2013

Spoofed Address

Resolve Spoofed Address Issue

ms-Exch-SMTP-Accept-Authoritative-Domain-Sender permission on the default receive connector

Get-ReceiveConnector 'Default E2' | Remove-ADPermission -user 'NT AUTHORITY\ANONYMOUS LOGON' -ExtendedRights 'ms-Exch-SMTP-Accept-Authoritative-Domain-Sender'

Add-ADPermission –Identity “Default internal receive connector SPARTAN" –Deny –User “NT Authority\Anonymous Logon" –ExtendedRights ms-exch-smtp-accept-authoritative-domain-sender

Get-ReceiveConnector "Default ReceiveConnector" | Get-ADPermission -user "NT AUTHORITY\Anonymous Logon" | where {$_.ExtendedRights -like "ms-exch-smtp-accept-authoritative-domain-sender"} | Remove-ADPermission

Uncheck the Bypass Antispam for Authenticated user for Default Receive connector from ADSIEDIT.msc 

We run the command from the Set-SenderIdConfig -InternalMailEnabled $True and 
Set-SenderfilterConfig -InternalMailEnabled $True 

Restart the Transport service

Sender ID Sender ID verifies that each e-mail message originates from the 
Internet domain from which the message claims to come by examining the sender's IP 
address and comparing the IP address to the Sender ID record in the sender's public 
Domain Name System (DNS) server. The Sender ID record in the sender's public DNS 
server is the sender policy framework (SPF) record. The SPF defines the IP 
addresses that are authorized to send messages for the domain in which the SPF 
record resides. When the receiving system queries the SPF record, and a "Pass" 
status is returned, the receiving system has a higher assurance that the message is 
not being spoofed by an illegitimate sender.
You can specify how the Sender ID agent handles temporary errors, such as DNS 
failures, when it performs an SPF query. 

For more information, see Sender IDSender ID 

No comments:

Post a Comment