Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
865 Views 3 Replies Latest reply: Feb 13, 2013 6:56 AM by Attila Polinger RSS
nhan.vo Newcomer 2 posts since
Jan 21, 2013
Currently Being Moderated

Jan 21, 2013 12:21 PM

How to block unauthenticated users "From to" from sending

I refer thisURL https://kc.mcafee.com/corporate/index?page=content&id=KB69050&actp=search&viewlo cale=en_US&searchid=1358563541932 but I dont find output as expect.

When my using telnet for sending mail, I want to prevent the Parse "From to" because of the the user in "from to" not have in database

Do not have User3 trong database data but you can still send mail to cho user1 (this account in database ).

I am want to setup the policy to protect "Fake user" for sendling email

 

You can use http://emkei.cz/ to test this issue.

 

Thanks and best regard.

Attachments:
  • Attila Polinger Veteran 1,161 posts since
    Dec 8, 2009

    Hi,

     

    just ran into your query here (and I wonder if this question of yours still needs answering). If I understand you correctly, you would like prevent *internal* nonexisting users to send mail outside your organization.

     

    One possible way of doing this is to set your internet mail gateway to not accept connections from any other servers from inside than your internal SMTP server (should that be different than the one you posted a connection screenshot on).

     

    Your internal SMTP server should also not accept connection from other servers than the internal mailing servers (such as Exchange).

     

    Attila

  • Attila Polinger Veteran 1,161 posts since
    Dec 8, 2009

    Dear Nhan.Vo,

     

    I'm not  managing such an appliance any more so I can work from memory only :-) but if I'm not mistaken, there is the Permitted Domain list in the Email configuration section, where you can specify email domains and IP addresses from which the appliance accepts mail/connection from.

     

    Refer also to the documentation on how to prevent unwanted relaying by the appliance.

     

    I think there is not an option to specifically telling the appliance not to allow a given MAIL FROM: value (i.e. the "sending user"; meaning to check whether the sender email exists somewhere in a user AD record).

     

    A workaround could be to set up a Windows IIS with an SMTP service and set it to use authentication on users, then set this IIS server as the SMTP server on users computers, also set this server to be the only server acceptable for the McAfee appliance and in any inbetween DMZ or other network filtering rules.

     

    I hope I could help, if I did not please elaborate more.

     

    Attila

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points