removing user pemissions 1

[Hfnet]

I have a CRM which requires a command to be run on the EX2007 to allow email to be sent out. The admin document give the following command to use:

get-mailboxserver [Exchange2007ServerName] | add -adpermission -user [UserAccount] -extendedrights “Send As”, “Receive As”, “Administer Information Store”, “View
Information Store Status”

I am now receiving self-addressed spam and want to revert my account to default settings. I guess I need to use the above command but with remove -adpermission, but what it the default rights list compared to the above command? I don't want to kill my email! What from the above list is safe to remove?

Thanks

 

[Hfnet]

No, I'm happy there is an issue server-side as it is only my address being spammed, and it has only happened since making the changes to my account last week. I may wipe my account and recreate it to see, otherwise I'll reload the server with a backup image.

If I do find anything definite I'l post the solution here. Thanks for all your input.

 

[Zelandakh]

You shouldn't need to do that. Have you followed the article on using SPF to the letter?

 

[Hfnet]

Abso-flipping-lutely I have! I have one on my server and also one on the external public domain created by my ISP.

 

[Zelandakh]

This is most odd, wish I could remote to your server and take a look as that is frustrating to get so close.

Can you post the new SPF record line that your ISP created? Change the public domain name to hf.net or something to obfuscate your own real domain. Also, post your internal one changing similarly? It HAS to be something silly so we'll check the generation first then look at application.

 

[Hfnet]

Thanks for sticking with this! I have no problem with a remote session...

Public SPF:
v=spf1 mx ip4:my.pub.ip.add include:mysmarthost.co.uk mx:mail.mydomain.co.uk -all

Internal one is the same...

 

[Zelandakh]

On the internal DNS, do you have an entry specifically for mysmarthost.co.uk and mail.mydomain.co.uk pointing to the internal side of your Exchange server? (Don't make any changes!).

 

[Hfnet]

Not for mysmarthost but there is a DNS entry for my mail server's ip and dns name. I think this is created by SBS 2008

 

[Zelandakh]

so internally if you ping mail.mydomain.co.uk, do you get a response to the public or private side of Exchange?

 

[Hfnet]

I get a resolution of the external IP address (ping reply is disabled so no response)

 

[Zelandakh]

ok, take an exact note of the SPF record internally then change it and replace the public IP with the private IP of the Exchange server. Then on the Exchange server do an ipconfig/flushdns and see if that makes any difference.

My guess remains that Exchange is looking at the SPF record and essentially ignoring it.

 

[Hfnet]

No change. it would be nice to have a second pair of eyes on the server, happy for a session with teamviewer or similar... I have an msn.com email...

 

[Zelandakh]

I know I suggested that but I am currently plum out of ideas on where the problem lies. If I had even an idea, I'd jump on board.

Let me have a look at one of my 2007 boxes...

 

[Hfnet]

I promised I would let you know if anything changed, well, I deleted my account and recreated it on Saturday morning, and I have had no spam reach my inbox since then.

Weird but satisfying! Although I did keep checking my inbox all weekend because it was so quiet!!

Thanks for sticking with me and I am sorry I can't provide any further clarification on what may have happened...

 

[Zelandakh]

Well, you got resolution anyway!!