1. 程式人生 > >如何防止內部用戶地址被冒用發郵件

如何防止內部用戶地址被冒用發郵件

serve connect header 域名 內部用戶 instr 註意 edr get

在缺省情況下Anonymous user權限組有下面的權限:

Ms-Exch-SMTP-Submit
Ms-Exch-SMTP-Accept-Any-Sender
Ms-Exch-SMTP-Accept-Authoritative-Domain-Sender
This permission allows senders that have e-mail addresses in authoritative domains to establish a session to this Receive connector.
Ms-Exch-Accept-Headers-Routing

要阻止別冒充您的域名向您發送郵件,可以使用下面的方法來解決:

方法一:

Exchange 2007-2010如何防止外部連接冒用本域地址向內發郵件?

在缺省情況下Anonymous user權限組有下面的權限:

Ms-Exch-SMTP-Submit
Ms-Exch-SMTP-Accept-Any-Sender
Ms-Exch-SMTP-Accept-Authoritative-Domain-Sender
This permission allows senders that have e-mail addresses in authoritative domains to establish a session to this Receive connector.

Ms-Exch-Accept-Headers-Routing

要阻止別冒充域名發送郵件,可以使用下面的方法來解決:

方法一:

  1. 在Exchange中心傳輸服務器上,運行ADSIEDIT.msc.
  2. 瀏覽定位到Configuration->Services->Microsoft Exchange->First Organization->Adminstrative Groups->Exchange Administrative Group ->Servers->server_name->Protocols->SMTP Receive Connector
  3. 右擊Default Receive Connector並切換到Security欄,點擊選中Anonymous Logon.
  4. 在下面的列表中點擊選中 Accept Authoritative Domain Sender右邊的Deny.
  5. 重啟Microsoft Transport services服務.

方法二:

1.在PowerShell下輸入以下命令:

Get-ReceiveConnector “Default SRV12-01″ | Get-ADPermission -user “NT AUTHORITY\Anonymous Logon” | where {$_.ExtendedRights -like “ms-exch-smtp-accept-authoritative-domain-sender”} | Remove-ADPermission

  1. 重啟Microsoft Transport services服務。

備註:
請將Default SRV12-01替換為您實際的接受連接器的名稱,註意是端口為25的那個。

如何防止內部用戶地址被冒用發郵件