如何防止內部用戶地址被冒用發郵件
Ms-Exch-SMTP-Submit
Ms-Exch-SMTP-Accept-Any-Sender
Ms-Exch-SMTP-Accept-Authoritative-Domain-Sender
This permission allows senders that have e-mail addresses in authoritative domains to establish a session to this Receive connector.
Ms-Exch-Accept-Headers-Routing
要阻止別冒充您的域名向您發送郵件,可以使用下面的方法來解決:
方法一:
Exchange 2007-2010如何防止外部連接冒用本域地址向內發郵件?
在缺省情況下Anonymous user權限組有下面的權限:
Ms-Exch-SMTP-Submit
Ms-Exch-SMTP-Accept-Any-Sender
Ms-Exch-SMTP-Accept-Authoritative-Domain-Sender
This permission allows senders that have e-mail addresses in authoritative domains to establish a session to this Receive connector.
要阻止別冒充域名發送郵件,可以使用下面的方法來解決:
方法一:
- 在Exchange中心傳輸服務器上,運行ADSIEDIT.msc.
- 瀏覽定位到Configuration->Services->Microsoft Exchange->First Organization->Adminstrative Groups->Exchange Administrative Group ->Servers->server_name->Protocols->SMTP Receive Connector
- 右擊Default Receive Connector並切換到Security欄,點擊選中Anonymous Logon.
- 在下面的列表中點擊選中 Accept Authoritative Domain Sender右邊的Deny.
- 重啟Microsoft Transport services服務.
方法二:
1.在PowerShell下輸入以下命令:
Get-ReceiveConnector “Default SRV12-01″ | Get-ADPermission -user “NT AUTHORITY\Anonymous Logon” | where {$_.ExtendedRights -like “ms-exch-smtp-accept-authoritative-domain-sender”} | Remove-ADPermission
- 重啟Microsoft Transport services服務。
備註:
請將Default SRV12-01替換為您實際的接受連接器的名稱,註意是端口為25的那個。
如何防止內部用戶地址被冒用發郵件