Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
Exchange
2000.active.directory
2000.admin
2000.announcements
2000.app.conversion
2000.applications
2000.clients
2000.clustering
2000.connectivity
2000.development
2000.documentation
2000.general
2000.information.store
2000.interop
2000.kms
2000.misc
2000.protocols
2000.realtime.collabo.
2000.setup
2000.transport
2000.win2000
admin
application.conversion
applications
clients
clustering
connectivity
design
development
misc
mobility
setup
tools
  
 
date: Wed, 24 May 2006 11:33:06 +0200,    group: microsoft.public.exchange2000.admin        back       


how to enforce the From: field on a SMTP relay ?    
hi,

I would like to use my exchange server as a relay for some un*x boxes 
but I would like to be sure that the From: field is correct by verifying 
  it against the AD.

is there a way to do that ? if not, is there at least a way to verify 
that this field is well formed (user@host.domain or better 
user@mydomain.com) ?

TIA,
Pierre.
date: Wed, 24 May 2006 11:33:06 +0200   author:   Pierre Bru

Re: how to enforce the From: field on a SMTP relay ?    
On Wed, 24 May 2006 11:33:06 +0200, Pierre Bru
 wrote:

>hi,
>
>I would like to use my exchange server as a relay for some un*x boxes 
>but I would like to be sure that the From: field is correct by verifying 
>  it against the AD.
>
>is there a way to do that ? if not, is there at least a way to verify 
>that this field is well formed (user@host.domain or better 
>user@mydomain.com) ?
>
>TIA,
>Pierre.

Can I ask you to think about that question a little more.

What is the point of having the SMTP interface do a lookup on a "mail
from" command when that command is issued by a box that is under your
control? There can only be legitimate mail coming from those boxes in
a properly secured environment.

You can't verify that the sender is valid because it comes from the
unix box. You can make the unix box authenticate, that's a safer
method of doing things.
date: Wed, 24 May 2006 21:26:52 +0100   author:   Mark Arnold [MVP]

Re: how to enforce the From: field on a SMTP relay ?    
Mark Arnold [MVP] wrote:
> On Wed, 24 May 2006 11:33:06 +0200, Pierre Bru
>  wrote:
> 
>> hi,
>>
>> I would like to use my exchange server as a relay for some un*x boxes 
>> but I would like to be sure that the From: field is correct by verifying 
>>  it against the AD.
>>
>> is there a way to do that ? if not, is there at least a way to verify 
>> that this field is well formed (user@host.domain or better 
>> user@mydomain.com) ?
>>
>> TIA,
>> Pierre.
> 
> Can I ask you to think about that question a little more.
> 
> What is the point of having the SMTP interface do a lookup on a "mail
> from" command when that command is issued by a box that is under your
> control? There can only be legitimate mail coming from those boxes in
> a properly secured environment.

if the unix user uses a MUA that allows to manually setup the from field 
(Mozilla for example), this user can setup whatever he/she wants, even a 
fake email address that noone will ever be able to reply to. I would 
like to avoid that.

> You can't verify that the sender is valid because it comes from the
> unix box. You can make the unix box authenticate, that's a safer
> method of doing things.

Pierre.
date: Wed, 07 Jun 2006 12:04:45 +0200   author:   Pierre Bru

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us