Only allow messages from 10 IP addresses

We have an anti-SPAM service where we set our MX records on the Internet for 
their servers which filters our email for us then forwards the mail to us - 
Works great.  We also have the Exchange 2003 SP1 server setup so it does not 
route SMTP mail out - works great.  A problem we have is that some spam 
houses and infected computers seem to know our Exchange Server's IP address 
and that it is the mail server for MYDOMAIN.COM so they can still SPAM us by 
connecting via SMTP and sending mail to our_users@mydomain.com which the 
server naturally accepts since it is not routing.

We want to configure Exchange 2003 SP1 Server to stop this by only accepting 
email from the 10 servers at the Anti-SPAM service.  To set this up I 
opened:

System Manager
-> Global Settings
-> Right Clicked and chose Properties
-> Connection Filtering Tab
-> Accept

Then entered the 10 servers that I wanted to only accept email from.  I also 
went to :

System Manager
-> Servers
-> MyServerName
-> Protocols
-> SMTP
-> Default
-> Right Clicked and chose Properties
-> General Tab
-> Advanced
-> Edit

And turned on Apply "Connection Filter" however that is not stopping mail 
from coming in from servers not on the Accept list.  It is only when I 
filled in networks I want to deny on the Deny tab under the Global Settings 
that enable the restrictions.  It seems like these settings do not have an 
implied "Deny All" when I fill in just servers to accept from.  For example 
it seems that if I only set Allow for:

192.168.0.1
192.168.0.2
192.168.0.3

and tried to connect with 192.168.0.4  - I would still be able to connect 
via SMTP and send a message to myself on this server.  Only when I set 
192.168.0.0 subnet 255.255.255.0 in the Deny would all addresses in the 
192.168.0.0 network except for .1 .2 and .3 get restricted.  It appears that 
if I want to do this for ALL the addresses on the Internet I would have to 
Allow only the 10 as expected, but then also have to add the following to 
the Deny table:

1.0.0.0 with subnet 255.0.0.0
2.0.0.0 with subnet 255.0.0.0
3.0.0.0 with subnet 255.0.0.0
and so on......

Is there a way to do this so I don't have to enter these 254 network items 
manually or is there at least a way I can import the Deny list from Excel or 
a CSV file or something?


0
5/22/2006 5:34:32 PM


In news:OmFC%23XcfGHA.4880@TK2MSFTNGP03.phx.gbl,
Jordan <nojunk_allowed@nospam.com> typed:
> We have an anti-SPAM service where we set our MX records on the
> Internet for their servers which filters our email for us then
> forwards the mail to us - Works great.  We also have the Exchange
> 2003 SP1 server setup so it does not route SMTP mail out - works
> great.

Not sure what that has to do with this....

> A problem we have is that some spam houses and infected
> computers seem to know our Exchange Server's IP address and that it
> is the mail server for MYDOMAIN.COM so they can still SPAM us by
> connecting via SMTP and sending mail to our_users@mydomain.com which
> the server naturally accepts since it is not routing.

Do you still have an MX record in your public DNS that points to your own 
public IP? If so, get rid of it - spammers often target the 
higher-cost/lower priority MX record(s) as they know that it likely bypasses 
spamfilters.

>
> We want to configure Exchange 2003 SP1 Server to stop this by only
> accepting email from the 10 servers at the Anti-SPAM service.

Perfectly possible, but be careful - this could be a problem if they change 
IP addresses without notifying you.

>  To set
> this up I opened:
>
> System Manager
> -> Global Settings
> -> Right Clicked and chose Properties
> -> Connection Filtering Tab
> -> Accept
>
> Then entered the 10 servers that I wanted to only accept email from.

<snip>

This isn't the right place. Connection filtering blocks connections based on 
RBLs, if you use them, or whatever you've set in a global deny list.

Undo what you did, and go to:

Properties of VSMTP server
Access tab
Connection button
"Only the list below" ....press Add
Enter whatever you wish.

However, as I said, this could be dangerous - if the antispam service uses 
any sort of load balancing, you'd have to know *all* their potential IP 
addresses. I would first check your public DNS as mentioned above.



>
> Is there a way to do this so I don't have to enter these 254 network
> items manually or is there at least a way I can import the Deny list
> from Excel or a CSV file or something?


0
lanwench (7567)
5/22/2006 5:52:51 PM
Your firewall should be configured to only allow incoming port 25 traffic if 
it sources from one of your spam servers. Are we talking about Postini?





0
Jimmy
5/22/2006 7:53:53 PM
[Not sure what that has to do with this....]

That was just a description of the setup to show that all is working 
properly.

[Do you still have an MX record pointing to your own...]

No.  Did years ago, but not now

[Properties of VSMTP server]
[ Access tab]
[Connection button]
[ "Only the list below" ....press Add]
[ Enter whatever you wish.]

Did that originally, but it did not block anything.  I could still telnet on 
25 from random outside IPs and send email to any user on the server.





0
5/22/2006 8:20:33 PM
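
An added example, not part of the original thread and not Exchange's own code: a Python model of the two behaviours discussed above (the Global Settings accept/deny lists as the original post reports them, and a default-deny "only the list below" rule), plus an audit of a W3C-format SMTP log for client IPs outside the permitted list. The log lines, the `192.0.2.x` provider addresses and all function names are constructed for illustration; the audit assumes the log has a `#Fields:` line that includes `c-ip`.

```python
import ipaddress
from collections import Counter

def parse_entries(entries):
    """Accept 'a.b.c.d' or 'a.b.c.d/mask' (prefix or dotted netmask)."""
    return [ipaddress.ip_network(e, strict=False) for e in entries]

def matches(ip, nets):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in nets)

def global_filter_allows(ip, accept, deny):
    """Behaviour the original post reports for the Global Settings lists:
    Accept entries are exceptions to Deny, with no implied deny-all."""
    if matches(ip, accept):
        return True
    return not matches(ip, deny)

def only_list_allows(ip, granted):
    """Default-deny: the intent of "Only the list below" or a firewall rule."""
    return matches(ip, granted)

def audit_smtp_log(lines, granted):
    """Return {client_ip: hits} for log entries whose c-ip is not granted."""
    c_ip_col, outsiders = None, Counter()
    for raw in lines:
        line = raw.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
            c_ip_col = fields.index("c-ip") if "c-ip" in fields else None
            continue
        if not line or line.startswith("#") or c_ip_col is None:
            continue
        cols = line.split()
        if len(cols) <= c_ip_col:
            continue  # truncated entry
        try:
            if not only_list_allows(cols[c_ip_col], granted):
                outsiders[cols[c_ip_col]] += 1
        except ValueError:
            continue  # c-ip column did not hold an IP address
    return dict(outsiders)

# Addresses from the original post's example.
ACCEPT = parse_entries(["192.168.0.1", "192.168.0.2", "192.168.0.3"])
DENY = parse_entries(["192.168.0.0/255.255.255.0"])

# Constructed stand-ins for the filtering service's hosts, and a constructed log.
PROVIDER = parse_entries(["192.0.2.10", "192.0.2.11"])
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-query sc-status
2006-05-22 17:30:01 192.0.2.10 EHLO +filter1.example.net 250
2006-05-22 17:30:02 192.0.2.10 MAIL +FROM:<a@example.org> 250
2006-05-22 17:31:10 203.0.113.77 HELO +pc-1234 250
2006-05-22 17:31:11 203.0.113.77 RCPT +TO:<user@mydomain.com> 250
2006-05-22 17:32:40 198.51.100.5 HELO +mail 250
""".splitlines()

if __name__ == "__main__":
    for ip in ("192.168.0.1", "192.168.0.4", "10.1.1.1"):
        print(ip,
              "accept-only:", global_filter_allows(ip, ACCEPT, []),
              "accept+deny:", global_filter_allows(ip, ACCEPT, DENY),
              "only-list:", only_list_allows(ip, ACCEPT))
    print("outside the list:", audit_smtp_log(SAMPLE_LOG, PROVIDER))
```

Any address the audit returns either reached the SMTP service without going through the filtering service or is a provider host missing from the list, which is the case the first reply warns about.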