OOO and NDR Security Risk Solutions

Hi,

I'd like to enable NDRs and external OOO messages, which have been
disabled by the previous IT Manager, but I am aware of the potential
security risks. Can someone please recommend security tools which help
prevent some of these risks?

Thanks,

Matt

0
mlaufer (6)
10/10/2006 10:56:33 PM
exchange.admin 57650 articles. 1 followers. Follow

1 Replies
438 Views

Similar Articles

[PageSpeed] 29

I know that guns kill people.  Can someone recommend a gun that doesn't kill 
people as much?
-- 
Ed Crowley
MVP - Exchange
"Protecting the world from PSTs and brick backups!"

<mlaufer@srg.com> wrote in message 
news:1160520993.355412.165180@b28g2000cwb.googlegroups.com...
> Hi,
>
> I'd like to enable NDRs and external OOO messages, which have been
> disabled by the previous IT Manager, but I am aware of the potential
> security risks. Can someone please recommend security tools which help
> prevent some of these risks?
>
> Thanks,
>
> Matt
> 


0
curspice6401 (3487)
10/10/2006 11:16:38 PM
Reply:

Similar Artilces:

Exchange 2000 modifies NDR's from outside
Hello, whenever a NDR generated by remote servers comes to our exchange server, exchange modifies the NDR, including attached message. As a result, we can't safely detect where the problem started and what server generated the NDR. Is there any possibility to set up exchange not to modify the NDR, and to show it exactly as it came in? (except Received: headers, which of course should be added). Thank you. -- Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT a...

NDR return with attachment
I have exchange 2000 on windows 2000 with sigle domain, when our users send a mail with file attachment to external users and by mistacke they make typo mistake in email address then they will received NDR mail with same attachment. Can it be configurable in exchane 2000 that users received NDR but without attachment Nagori ...

NDR #2
how does one change permission on the system 32 directory from everyone read to everyone change ...

OOO
Found it Thanks Q323665 ~ David ...

Addin Security
We've developed a couple of addins that are working great with Dynamics GP. Is there anyway we can set up security on the addins? We already tried NTFS on the actual .dll files themselves, but that generates an error message upon logging in that we'd rather not see. Thanks, Steven V. There are ways where you can implant security on your addins and it depends how you would like your security to run. In your addins, Dynamics globals are available to you and from there you can check for the value of 'User ID' of globals to know who is currently logon in Dynamics and from the...

Queues
Somebody who knows an Add-on to define security roles and/or rights on (public) queues in the workplace? ...

How to call Web Service Securely
I love Web Apps in ASP.NET 2.0 because you can easily deny users access to pages by role or user. But for desktop client to webservice methods, I am not sure what to do.... I am looking for the simplest and safest method or pattern to have my Desktop client be able to call a web services securely. Assume my webservice proxy has 15 methods. By securely, I want the Client desktop app to pass some kind of simple username/password token -- something - but not in plain text - so that acces to the web call either immediately succeeds or fails. I don't know where to start - what is...

NDR
I'm getting a NDR on my E2003 server with the following error in it: #5.5.0 smtp error 552 recipient counts exceeds maximum I'm not able to find anything about the error message and I'm wondering what it means and what to do about it. Regards, Rob ...

NDR language
I want to change the language on my ndr reports to english on my Exchange 2003 server. I also want to change the languge in the subject field on out of office messages. Can anyone tell me how to do this? Terje ...

NDR's for existing users
I have a handful of users who are reporting that people on the outside world who are sending messages to them are getting NDR's. The NDR the external people are receiving says: The following recipient(s) could not be reached: USER@RECEVINGDOMAIN.com on 11/28/2005 9:37 AM The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address. <server.sendingdomain.com #5.1.1 smtp;550 5.1.1 <USER@RECEIVING DOMAIN.com>... User unknown> The ...

Terminal services: relaxed versus full security to support VBA customizations
VBA automation in Dynamics completely fails when permission compatibility (in terminal services configuration settings) is set to Full. It's not clear to me whether this disables VBA automation entirely on W2K3 terminal servers, or whether it merely restricts Dynamics users from access to registry areas or files that are needed for VBA automation. Toggling this setting back to "Relaxed Security" immediately (well, after reboot) fixes the problem for Dynamics users. It's been difficult to find documentation that explains how to avoid Relaxed security and successfully run Dyn...

Notes Security
Hello, Our client is using contacts (and contact related notes) across all business units and as such everyone has organization wide read access for notes. However, for some other entities, we want to restrict access, that is, the user should only have read access to entity records and related notes only where the user is the owner. Right now, it seems like even if we limit access to the entity read to self, the users can still read all the notes related to the entity. We would welcome your thoughts around some best practices and methods to handle this. Thanks! Unfortunately as you...

OOO
All, Our Out of Office replies would only work for internal email, and external recipients would not get the notifications. I solved the problem by enabling the setting in Exchange, and also in Active Directory, but I wanted to find out if any of you would know how settings like that would change? Is it possible a service-pack could have changed them at some point, or did it absolutely have to be human-caused? Thanks! -P I believe OOF replies to the internet are disabled by default. Of course, this depends upon which version of exchange was installed. :) "TwistedPair" &...

Using Distribution Groups or Mail-enabled Security Groups
We've upgraded from Exchange 5.5 w/SP4 and Distribution Lists to a new Exchange 2003 w/SP1 server, and were wondering if there is any advantage or disadvantage as to what type of Group to use to replace our Distribution Lists? Our ADS Domain is Windows 2003, if that makes any difference. Thanks. Exchange 5.5 Distribution Lists map to AD/Exchange 200x Distribution Groups. It's a good idea to use those in most cases since they're not security principals. Not a good idea to reveal security group memberships to users/anonymous senders, imo. -- Bharat Suneja MCSE, MCT www....

NDR Attack
Our SBS2003 hard disk filled up due to Exchange log files. I have managed to reclaim a lot of space by cleaning away log files that are not required (following various MS articles). I now find the cause is a Reverse NDR attack on our email address. We only use POP3 for incoming email so not an open relay (Port 25 is blocked at the firewall, cannot telnet in at all). Even so, I have ensured all open relay measures have been taken (for future use). Everytime Exchange starts up, the SMTP Queue starts filling up with thousands of messages again! Help! I have turned on Recipient Filterin...

ooO suddenly broken.
Last summer (during holiday) ooO was working, I can't remember that I've changed anything, but ok .... System Windows Server 2003 R2 Enterprise x64 Edition SP2 Exchange Server 2007 Microsoft Corporation Version: 08.00.0685.018 I checked already all aspects of ooO on this website regarding ooO: http://www.msxfaq.de/konzepte/oof.htm. I've searched web and MS Newgrops - I can't find a solution. Settings a) [PS] Z:\>Get-RemoteDomain |fl DomainName : * CharacterSet : iso-8859-1 NonMimeCharacterSet ...

CEdit control in a Toolbar? bad solution?
Hello. I recently needed a single line numerical edit control in a toolbar. It is actually a transport control for a waveform viewer. I need a place to dislpay the current position int he wave and top allow the user to type in a new position to go to. I could not find a single example of an edit box in a toolbar. But I did find the combobox example. however, none of them actually showed me a proper way to get the control's messages to my view class. So I subclassed the toolbar and added my CEdit control as a member. ( I hope I can explain this correctly! I am new to MFC) The i...

CLEO-DSA@mydomain.com NDR???
How such can be, if this mailbox really exists? Event Type: Warning Event Source: MSExchangeTransport Event Category: Connection Manager Event ID: 756 Date: 03.02.2004 Time: 12:58:08 User: N/A Computer: CLEO Description: A non-delivery report with a status code of 5.1.1 was generated for recipient rfc822;CLEO-DSA@mydomain.com (Message-ID <73052EF5E2D7DF45B5E6BEE3667E48A70164452E@g- mail.domain2.com>). Data: 0000: 46 05 04 80 F..&#128; Hello, On the specific server that generates this NDR i.e event 756, can you connect to the GC(s) this server uses and se...

Cannot Access E-Mail After Security Update
re: Outlook 2003 I ran and installed the most recent security update (see Knowledge Base 892843); ever since, I can no longer send or receive e-mails. I checked all of the settings and nothing seems to have changed. What gives? In news:xIbyf.4948$WY5.1760@newsread2.news.pas.earthlink.net, J-Man <J-Man@yahoo.com> typed: > re: Outlook 2003 > > I ran and installed the most recent security update (see Knowledge > Base 892843); ever since, I can no longer send or receive e-mails. I > checked all of the settings and nothing seems to have changed. What > gives? W...

OOO #2
Robert wrote on 14/6: You can create server based automatic replies with the Exchange Client, Outlook 2002 and 2003. I am not interested in automatic replies though ... I am interested to know how to automatic forward my mails, WITHOUT, reply to the sender. As I am using the same laptop at the office (with exchange server) as on the road (using Ipass connect), I can not set an automatic rule, as this one is only functioning with laptop on in the network. Then you can't use a rule. Your mail admin can create a contact or custom recipient (depending on the version of Exchange) and use d...

Stopping NDR's
Is there away to stop NDR's for users that no longer exist in Exchange 2000, and also keep the "Bad Mail" folder from filling up? Thanks Brad Create an Emtpy Distribution List with no members. Add the ex-employee email address to the DL list. They will simply disappear. For the Bad Mail, you can write a simple batch file to purge or delete the folder. -- John Oliver, Jr. MCSE, MCT, CCNA, Exchange MVP Microsoft Certified Partner "Brad" <anonymous@discussions.microsoft.com> wrote in message news:057a01c3d3e0$48730b60$a101280a@phx.gbl... > Is there away ...

OOO not working
I've encountered a strange problem with one client running Outlook 2000/WindowsXP (both fully patched) accessing an Exchange 2003 server. The issue is ... for this one user, Out of Office messages do not get sent when he sets the OOO Assistant to "not in the office". Some facts to consider; User had the issue previously when on Exchange 2000 (recently migrated to new server). No one else has the problem, OOO works. Tried turning on OOO from within OWA and that doesn't work either. Yes, connected to the Exchange Server. Yes, Exchange extensions are installed. I've seen s...

NDR ?
I get one of the following messages whenever I try to send messages to certain recipients: The following recipient(s) could not be reached: 'betsy@xyz.com' on 4/12/04 9:39 AM The recipient name is not recognized The MTS-ID of the original message is: c=US;a=PRIMARY;p=ELLIST;l=HERAD-040412133844Z-433 ------------------------------------------------- The following recipient(s) could not be reached: 'adam@abc.com' on 3/25/2004 1:53 PM Unable to deliver the message due to a communications failure The MTS-ID of the original message is: c=US;a=PRIMARY;p=ELLIST;l=HERAD-040325185233...

Wired NDR
Hi All, One of my users sent a message on 3/9/05 to an external address, the recipient received the message and replied to the user on 3/10/05. Today 3/14/05 the original sender received an NDR (See below, I changed names) about the first message. We are running Exchange 2003 with SP1 and this is the first time I have heard of this happening. It just happened to be our CEO and a member of our board of directors so needless to say this has moved to the hot pile. Any suggestions or explanations would be helpfull. Thanks, Steve user2@domain.com on 3/14/2005 1:26 PM ...

Cluster or Mirror Solution for Member Server
Hi all, I have a client whose needs are: SBS 2003 R2 , 2 NICs, ISA Installed Create a solution through cluster or mirror of a member server where he runs "critical" LOB. If the server 1 goes down, server 2 comes right on. Can anyone share some ideas on this? Thanks, Dan This is a multi-part message in MIME format. ------=_NextPart_000_0072_01CB2F0E.DBF58760 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi Daniel Please note that this venue is due to be closed in a few days and you=20 will get mu...