Exchange 2007-2010如何防止外部连接冒用本域地址向内发邮件?

在缺省情况下Anonymous user权限组有下面的权限:

Ms-Exch-SMTP-Submit

Ms-Exch-SMTP-Accept-Any-Sender

Ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

This permission allows senders that have e-mail addresses in authoritative domains to establish a session to this Receive connector.

Ms-Exch-Accept-Headers-Routing

解决:

1. 在Exchange中心传输服务器上,运行ADSIEDIT.msc.
2. 浏览定位到Configuration->Services->Microsoft Exchange->First Organization->Adminstrative Groups->Exchange Administrative Group ->Servers->server_name->Protocols->SMTP Receive Connector
3. 右击Default Receive Connector并切换到Security栏,点击选中Anonymous Logon.
4. 在下面的列表中点击选中 Accept Authoritative Domain Sender右边的Deny.
5. 重启Microsoft Transport services服务.

测试服务器查看默认都是开启的….

使用adsiedit.msc需要安装2003光盘里面的X:\SUPPORT\TOOLS\SUPTOOLS.MSI支持包

此条目发表在Exchange分类目录,贴了标签。将固定链接加入收藏夹。

发表评论

电子邮件地址不会被公开。 必填项已用*标注