RES: RE: connection filtering on HELO/EHLO
- From: "Tiago de Aviz" <Tiago@xxxxxxxxxxxxxxx>
- To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
- Date: Fri, 17 Dec 2004 10:36:47 -0200
But Exchange 2003 can filter IP addresses and generate a specific event code,
there's that Connection Filtering tab on Message Delivery, wouldn't that help?
Tiago de Aviz
SoftSell - Curitiba
(41) 340-2363
www.softsell.com.br
Esta mensagem, incluindo seus anexos, tem caráter confidencial e seu conteúdo é
restrito ao destinatário da mensagem. Caso você tenha recebido esta mensagem
por engano, queira por favor retorná-la ao destinatário e apagá-la de seus
arquivos. Qualquer uso não autorizado, replicação ou disseminação desta
mensagem ou parte dela é expressamente proibido. A SoftSell não é responsável
pelo conteúdo ou a veracidade desta informação.
-----Mensagem original-----
De: Michael B. Smith [mailto:michael@xxxxxxxxxx]
Enviada em: sexta-feira, 17 de dezembro de 2004 10:28
Para: [ExchangeList]
Assunto: [exchangelist] RE: connection filtering on HELO/EHLO
http://www.MSExchange.org/
Sure, but you'll have to write a protocol event sink. And be careful -
this might be more dangerous to do than you think.
Not for the faint of heart.
There are some examples in the Exchange 2003 SDK and on CDOLive and on
Siegfried Weber's site.
-----Original Message-----
From: Dan HINCKLEY [mailto:dah@xxxxxxxxxxx]
Sent: Friday, December 17, 2004 3:27 AM
To: [ExchangeList]
Subject: [exchangelist] RE: connection filtering on HELO/EHLO
http://www.MSExchange.org/
I'm getting a bunch of spam, some w/viruses, spoofing a domain
(mail.domain.tld) in the HELO. I was trying to see if there is a way
built into ES 2003 to use the FQDN (spoofed) rather than an IP (since
these guys change their IPs) to drop the connection.
At 07:46 12/17/2004, you wrote:
>http://www.MSExchange.org/
>
>What kind of filtering?
>
>John Tolmachoff
>Engineer/Consultant/Owner
>eServices For You
>
> > -----Original Message-----
> > From: Dan HINCKLEY [mailto:dah@xxxxxxxxxxx]
> > Sent: Thursday, December 16, 2004 12:32 AM
> > To: [ExchangeList]
> > Subject: [exchangelist] connection filtering on HELO/EHLO
> >
> > http://www.MSExchange.org/
> >
> > Have looked in the archives w/o luck. Can anyone point me to a
> > method of doing filtering in ES 2003 at the HELO/EHLO command?
> >
> >
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
michael@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
tiago@xxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
Other related posts:
