Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Exchange and Reverse DNS

Status
Not open for further replies.
bigjrocksit

bigjrocksit

IS-IT--Management
Feb 15, 2008
28
US
I have a question about something weird that was recently brought to my attention and I'm not able to find any information on the issue. Hopefully someone can help.

We have an account with Google Analytics that allows us to have reports emailed to us from the Analytics website. The emails come through just fine, but the problem is that the sender's email address that the reports come from shows to be an address of an internal user.

My question is this: How is this email able to be sent from Google to any internal user with the email address of this internal user? Even though the email address is listed as the "contact" email address on the Analytics website, there is no authentication information listed and to me this looks like we are wide open to spoofing.

I've emailed Google and their response was as follows: "Please note that what you see in the 'From'
address field is the display email address. Note that the emails are being sent from Google Analytics, however, the from address is marked as 'xxxxxx@xxxxx.com' to avoid the email being marked as spam. You can confirm this information by viewing the Header information for an emailed report."

I've viewed the header information and it only shows that it came from the internal email address. Shouldn't Exchange catch this as a spoofed address and block the email?

I'm really confused on this one. Any help is appreciated.

TIA- J
 
Sort by date Sort by votes
That's easy. There is no authentication for SMTP by default. I can telnet to an email server and send mail as anyone all day long.

It's an interesting approach they have to get around the messages being marked as spam. But a growing trend is to not allow inbound email that says it's from an internal address (why would an internal address be sending email from outside, to an internal address?). So their method would get caught if you were so configured.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
 
Upvote 0 Downvote
Thanks for the help- makes perfect sense now. I'm new to Exchange, but I'm learning a little more with every issue I run into like this.

What's the best method to lock this down? I've looked at some MS documents and it doesn't look like a terribly easy thing to do.

-J
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

PatrickRoggers
  • Locked
  • Helpful tip
Safest Way to Import PST file into Exchange Online
Replies
0
Views
2K
PatrickRoggers
PatrickRoggers
T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
1K
DrB0b
DrB0b
ComputersUnlimited
  • Locked
  • Question
Migrating to Exchange 2019
Replies
0
Views
1K
ComputersUnlimited
ComputersUnlimited
Brent Fletcher
  • Locked
  • Question
Exchange rule to remove "✉" icon when it appears in a subject title from a supplier
Replies
0
Views
1K
Brent Fletcher
Brent Fletcher
stanlyn
  • Locked
  • Question
How to do Certificates on MultiDomain Exchange with Least Cost
Replies
1
Views
1K
Wesaf
Wesaf

Part and Inventory Search

Sponsor

Back
Top