Different Send/Receive Virus Notifications?

Alex Neuman alex at nkpanama.com
Wed Mar 28 01:06:07 CEST 2007


> On Tuesday, March 27, 2007 10:21 PM Alex Neuman van der Hans wrote:
>
>
> Incorrect. You can setup Exchange to accept SMTP traffic to your domains
> but require SMTP auth for all mails that does not go to your domains.

Thanks for pointing that out.

>
> Agreed: If you try to deliver mail to recipients in your own domain
> Exchange will in normal setups not require SMTP auth. Yet on the other
> hand that is not a typical scenario. If a PC is infected it will typically
> try to deliver mails to everyone in your adress book and/or other
> recipients received from botnets. These would not make it through Exchange
> if you setup SMTP auth.

Good to know.

>
> And what is the problem if your example really happens? MailScanner will
> try to deliver mails to nonexisting people on your Exchange. Correctly
> setup exchange will simply reject these at RCPT TO time and that's it. No
> real harm done. And you can have a look at the Exchange logs and spot the
> IP of the spamming machine right away.

What I wouldn't like about doing something like that (besides the extra
bandwidth used by the notices and by the users asking questions about
notices they don't necessarily understand) is the fact that it's twice the
work; once to set up the notifications to the users who, in any case,
won't know what to do most of the time (perhaps a compromise would be to
set up notifications to postmaster instead), and once more to explain to
the users what the situation is.

Perhaps a solution involving notifying the administrators so they can take
necessary measures would be a better use of their time, IMHO.

>
> Kind regards,
>   JP
> --



More information about the MailScanner mailing list