--勉励自己努力以钉子的“挤”劲和“钻”劲提升自己
 :: Blog List ::
钉子 发表于 2012-11-19 14:27:55

在缺省情况下Anonymous user权限组有下面的权限:

Ms-Exch-SMTP-Submit

Ms-Exch-SMTP-Accept-Any-Sender

Ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

This permission allows senders that have e-mail addresses in authoritative domains to establish a session to this Receive connector.

Ms-Exch-Accept-Headers-Routing

要阻止别冒充您的域名向您发送邮件,可以使用下面的方法来解决:

方法一:
Exchange 2007-2010如何防止外部连接冒用本域地址向内发邮件?

在缺省情况下Anonymous user权限组有下面的权限:

Ms-Exch-SMTP-Submit

Ms-Exch-SMTP-Accept-Any-Sender

Ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

This permission allows senders that have e-mail addresses in authoritative domains to establish a session to this Receive connector.

Ms-Exch-Accept-Headers-Routing

 


要阻止别冒充域名发送邮件,可以使用下面的方法来解决:

 


方法一:


1. 在Exchange中心传输服务器上,运行ADSIEDIT.msc.


2. 浏览定位到Configuration->Services->Microsoft Exchange->First Organization->Adminstrative Groups->Exchange Administrative Group ->Servers->server_name->Protocols->SMTP Receive Connector


3. 右击Default Receive Connector并切换到Security栏,点击选中Anonymous Logon.


4. 在下面的列表中点击选中 Accept Authoritative Domain Sender右边的Deny.


5. 重启Microsoft Transport services服务.


方法二:

1.在PowerShell下输入以下命令:


Get-ReceiveConnector "Default SRV12-01" | Get-ADPermission -user "NT AUTHORITY\Anonymous Logon" | where {$_.ExtendedRights -like "ms-exch-smtp-accept-authoritative-domain-sender"} | Remove-ADPermission


2. 重启Microsoft Transport services服务.


备注:


请将Default SRV12-01替换为您实际的接受连接器的名称,注意是端口为25的那个。

发表评论:

    昵称:
    密码: (游客无须输入密码)
    主页:
    标题:
Best view with 1024 x 768 pixel & IE 6.0.
About Me
Archives Categories
Replies List
My FriendLinks
Blog Info

Powered by Oblog.