|
Home > Archive > microsoft.public.exchange2000.admin > October 2002 > telnet issue
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| John Chalhoub 2002-10-05, 8:15 pm |
| Is there anyway I can disable anyone from sending a email messages using
SMTP commands through a telnet session. The reason is that one can open a
telnet session to the SMTP server port 25 and send a message by pretending
to be someone else (MAIL FROM). This is very dangerous.
Thanks in advance
John
| |
| Neil Hobson 2002-10-05, 8:15 pm |
| Specify (in the SMTP virtual server) those IP addresses that are allowed to
connect to it.
--
Neil Hobson
Messaging Consultant
http://www.silversands.co.uk
"John Chalhoub" <hannac@newhorizons.com.lb> wrote in message
news:#IjkeVaTCHA.4044@tkmsftngp12...
> Is there anyway I can disable anyone from sending a email messages using
> SMTP commands through a telnet session. The reason is that one can open a
> telnet session to the SMTP server port 25 and send a message by pretending
> to be someone else (MAIL FROM). This is very dangerous.
>
> Thanks in advance
>
> John
>
>
| |
| Intermedia.Net Support \(AI\) 2002-10-05, 8:15 pm |
| Hello,
You can examine relay restrictions. Please review and follow Microsoft
Knowledge Base article at
http://support.microsoft.com/defaul...;en-us;q313395.
Regards,
Intermedia.NET (AI)
Microsoft Certified Solutions Provider
Providing expertise in hosting applications
MS Exchange Hosting: http://www.intermedia.net/exchangehosting
Windows 2000 Web Hosting: http://www.intermedia.net/webhosting
For a waiver of the set up fee use "IMFREE" code
"John Chalhoub" <hannac@newhorizons.com.lb> wrote in message
news:#IjkeVaTCHA.4044@tkmsftngp12...
> Is there anyway I can disable anyone from sending a email messages using
> SMTP commands through a telnet session. The reason is that one can open a
> telnet session to the SMTP server port 25 and send a message by pretending
> to be someone else (MAIL FROM). This is very dangerous.
>
> Thanks in advance
>
> John
>
>
| |
| John Chalhoub 2002-10-05, 8:15 pm |
| Thanks for your reply.
I don't want to filter any messages. I just want to make sure that no one
(internal or external user) can impersonate someone else when sending a
message. That is, I want to make sure when someone receives an email he
should be sure that he is receiving the email from the correct sender (as
indicated in the sender field) and not by someone else claiming to be the
sender. I hope I made myself clear.
"Intermedia.Net Support (AI)" <newspost@intermedia.net> wrote in message
news:OGsG71aTCHA.1468@tkmsftngp11...
> Hello,
>
> You can examine relay restrictions. Please review and follow Microsoft
> Knowledge Base article at
> http://support.microsoft.com/defaul...;en-us;q313395.
>
> Regards,
> Intermedia.NET (AI)
> Microsoft Certified Solutions Provider
> Providing expertise in hosting applications
> MS Exchange Hosting: http://www.intermedia.net/exchangehosting
> Windows 2000 Web Hosting: http://www.intermedia.net/webhosting
> For a waiver of the set up fee use "IMFREE" code
>
> "John Chalhoub" <hannac@newhorizons.com.lb> wrote in message
> news:#IjkeVaTCHA.4044@tkmsftngp12...
> > Is there anyway I can disable anyone from sending a email messages using
> > SMTP commands through a telnet session. The reason is that one can open
a
> > telnet session to the SMTP server port 25 and send a message by
pretending
> > to be someone else (MAIL FROM). This is very dangerous.
> >
> > Thanks in advance
> >
> > John
> >
> >
>
>
| |
| Neil Hobson 2002-10-05, 8:15 pm |
| Ah, I thought you just wanted to stop internal users from doing this, and
that you probably had some other SMTP relay fronting to the Internet.
Blocking IP addresses in your situation isn't going to help. I don't think
you can do what you want - welcome to the world of SMTP!
--
Neil Hobson
Messaging Consultant
http://www.silversands.co.uk
"John Chalhoub" <hannac@newhorizons.com.lb> wrote in message
news:OSL3bhbTCHA.1900@tkmsftngp09...
> Thanks for your reply.
>
> I don't want to filter any messages. I just want to make sure that no one
> (internal or external user) can impersonate someone else when sending a
> message. That is, I want to make sure when someone receives an email he
> should be sure that he is receiving the email from the correct sender (as
> indicated in the sender field) and not by someone else claiming to be the
> sender. I hope I made myself clear.
>
>
>
>
>
> "Intermedia.Net Support (AI)" <newspost@intermedia.net> wrote in message
> news:OGsG71aTCHA.1468@tkmsftngp11...
> > Hello,
> >
> > You can examine relay restrictions. Please review and follow Microsoft
> > Knowledge Base article at
> > http://support.microsoft.com/defaul...;en-us;q313395.
> >
> > Regards,
> > Intermedia.NET (AI)
> > Microsoft Certified Solutions Provider
> > Providing expertise in hosting applications
> > MS Exchange Hosting: http://www.intermedia.net/exchangehosting
> > Windows 2000 Web Hosting: http://www.intermedia.net/webhosting
> > For a waiver of the set up fee use "IMFREE" code
> >
> > "John Chalhoub" <hannac@newhorizons.com.lb> wrote in message
> > news:#IjkeVaTCHA.4044@tkmsftngp12...
> > > Is there anyway I can disable anyone from sending a email messages
using
> > > SMTP commands through a telnet session. The reason is that one can
open
> a
> > > telnet session to the SMTP server port 25 and send a message by
> pretending
> > > to be someone else (MAIL FROM). This is very dangerous.
> > >
> > > Thanks in advance
> > >
> > > John
> > >
> > >
> >
> >
>
>
| |
| Naresh Kumar 2002-10-05, 8:15 pm |
| In the relay restriction...uncheck the following
"Allow all computers which successfully authenticate to relay,
regardless of th list above"
"John Chalhoub" <hannac@newhorizons.com.lb> wrote in message news:<#IjkeVaTCHA.4044@tkmsftngp12>...
> Is there anyway I can disable anyone from sending a email messages using
> SMTP commands through a telnet session. The reason is that one can open a
> telnet session to the SMTP server port 25 and send a message by pretending
> to be someone else (MAIL FROM). This is very dangerous.
>
> Thanks in advance
>
> John
| |
| Mark Fugatt 2002-10-05, 8:15 pm |
| Do not uncheck that box, by doing so you will potentially make your server
an open relay.
Here is a document that explains Relaying in Exchange 2000, by default
Exchange 2000 does not allow unauthorized relaying:
http://www.msexchange.org/pages/articles.asp?art=605
--
Mark Fugatt
Pentech Office Solutions Inc
www.exchangetrainer.com and www.4mcts.com
Visit www.msexchange.org for practical information on Microsoft Exchange
--- Please respond to this newsgroup and not directly via Email ---
"Naresh Kumar" <nareshk26@yahoo.com> wrote in message
news:4237cba7.0208270953.19291df7@posting.google.com...
> In the relay restriction...uncheck the following
> "Allow all computers which successfully authenticate to relay,
> regardless of th list above"
>
>
> "John Chalhoub" <hannac@newhorizons.com.lb> wrote in message
news:<#IjkeVaTCHA.4044@tkmsftngp12>...
> > Is there anyway I can disable anyone from sending a email messages using
> > SMTP commands through a telnet session. The reason is that one can open
a
> > telnet session to the SMTP server port 25 and send a message by
pretending
> > to be someone else (MAIL FROM). This is very dangerous.
> >
> > Thanks in advance
> >
> > John
| |
| David Sengupta [MVP] 2002-10-05, 8:15 pm |
| You're trying to get around something that is core to the SMTP protocol. I
don't think too many people will be telnetting to your server and going
through the mail from... rcpt to ... etc. commands manually. There are much
easier ways to do this ... there's nothing stopping me from setting up an
account in Outlook Express, for example, in which I spoof your display name,
SMTP address and just find an open relay to send from. You're better off
just blocking public relay and then relying on message headers (where
possible) to track down spammers. Or look at digital signatures & certs if
you really want to ensure authenticity.
--
David Sengupta M.T.S., MVP, MCSE, MCSE 2000, CCA Ottawa, Canada
Exchange Diagnostics - Quest Spotlight on Exchange -
http://www.quest.com/spotlight_exchange
Exchange Management - Microsoft Operations Manager -
http://www.microsoft.com/mom/
Exchange FAQ - http://www.swinc.com/resource/exch_faq.htm
"Neil Hobson" <neilhobson@NOSPAM.supanet.com> wrote in message
news:#ij11lbTCHA.2552@tkmsftngp13...
> Ah, I thought you just wanted to stop internal users from doing this, and
> that you probably had some other SMTP relay fronting to the Internet.
>
> Blocking IP addresses in your situation isn't going to help. I don't
think
> you can do what you want - welcome to the world of SMTP!
>
> --
> Neil Hobson
> Messaging Consultant
>
> http://www.silversands.co.uk
>
>
>
>
>
> "John Chalhoub" <hannac@newhorizons.com.lb> wrote in message
> news:OSL3bhbTCHA.1900@tkmsftngp09...
> > Thanks for your reply.
> >
> > I don't want to filter any messages. I just want to make sure that no
one
> > (internal or external user) can impersonate someone else when sending a
> > message. That is, I want to make sure when someone receives an email he
> > should be sure that he is receiving the email from the correct sender
(as
> > indicated in the sender field) and not by someone else claiming to be
the
> > sender. I hope I made myself clear.
> >
> >
> >
> >
> >
> > "Intermedia.Net Support (AI)" <newspost@intermedia.net> wrote in message
> > news:OGsG71aTCHA.1468@tkmsftngp11...
> > > Hello,
> > >
> > > You can examine relay restrictions. Please review and follow Microsoft
> > > Knowledge Base article at
> > > http://support.microsoft.com/defaul...;en-us;q313395.
> > >
> > > Regards,
> > > Intermedia.NET (AI)
> > > Microsoft Certified Solutions Provider
> > > Providing expertise in hosting applications
> > > MS Exchange Hosting: http://www.intermedia.net/exchangehosting
> > > Windows 2000 Web Hosting: http://www.intermedia.net/webhosting
> > > For a waiver of the set up fee use "IMFREE" code
> > >
> > > "John Chalhoub" <hannac@newhorizons.com.lb> wrote in message
> > > news:#IjkeVaTCHA.4044@tkmsftngp12...
> > > > Is there anyway I can disable anyone from sending a email messages
> using
> > > > SMTP commands through a telnet session. The reason is that one can
> open
> > a
> > > > telnet session to the SMTP server port 25 and send a message by
> > pretending
> > > > to be someone else (MAIL FROM). This is very dangerous.
> > > >
> > > > Thanks in advance
> > > >
> > > > John
> > > >
> > > >
> > >
> > >
> >
> >
>
>
| |
| Ed Woodrick 2002-10-05, 8:15 pm |
| Nope, no way, no how, not going to happen.
And it doesn't matter if you actually could do it on your server, anybody
can normally send as anybody, that's the way SMTP works. Go home and
configure your Outlook Express to use any address you want. Watch it work.
"John Chalhoub" <hannac@newhorizons.com.lb> wrote in message
news:#IjkeVaTCHA.4044@tkmsftngp12...
> Is there anyway I can disable anyone from sending a email messages using
> SMTP commands through a telnet session. The reason is that one can open a
> telnet session to the SMTP server port 25 and send a message by pretending
> to be someone else (MAIL FROM). This is very dangerous.
>
> Thanks in advance
>
> John
>
>
|
|
|
|
|