Wednesday, September 24, 2014

Lock down Exchange to receive only from GFIMaxMail servers

After adding a client to the GFIMAXMail email filtering service, you should lock down Exchange to only receive e-mail from GFIMAXMail servers to prevent spammers from bypassing the filtering.

  1. Open Microsoft Exchange Management Console.
  2. Open Server Configuration then Hub Transport.
  3. If using Microsoft Windows SBS2008 or SBS2011, find the default connector named Windows SBS Internet Receive SERVERHOSTNAME, where SERVERHOSTNAME is the name of the server you are working on. Double-click it to bring up the Properties window.
  4. Click on the Network tab.
  5. Under Receive mail from remote servers that have these IP addresses, remove all of the entries.
  6. Add the IP netblock for your LAN (ex. server IP address 192.168.16.3, so add 192.168.16.0/24).
  7. Add the following IP netblocks that correspond to GFIMAXMail's server clusters:
    • 174.36.154.0/24
    • 192.69.16.0/24
    • 192.69.17.0/24
    • 192.69.18.0/24
    • 192.69.19.0/24
    • 208.43.37.0/24
    • 208.70.88.0/24
    • 208.70.89.0/24
    • 208.70.90.0/24
    • 208.70.91.0/24
    • 5.10.67.0/24
    • 92.51.176.0/24
    • 94.186.192.0/24
  8. When finished adding IP address ranges to the Network tab, click OK.

A better option would be to add an ACL on your firewall for all incoming port 25 traffic and add the IP address ranges above, but not all firewalls support that type of granular control.
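
The same change as steps 3 to 8 can be made and checked from the Exchange Management Shell. This is an added example, not part of the original post; SERVERHOSTNAME, the LAN netblock and the backup file name are placeholders to replace with your own values.

```powershell
# Run in the Exchange Management Shell on the Hub Transport server.
# Assumptions: SERVERHOSTNAME is your server name; $lan is your own LAN netblock.
$connector = 'SERVERHOSTNAME\Windows SBS Internet Receive SERVERHOSTNAME'
$lan       = '192.168.16.0/24'   # example LAN netblock from step 6

# GFIMAXMail netblocks exactly as listed in step 7
$filterRanges = @(
    '174.36.154.0/24',
    '192.69.16.0/24', '192.69.17.0/24', '192.69.18.0/24', '192.69.19.0/24',
    '208.43.37.0/24',
    '208.70.88.0/24', '208.70.89.0/24', '208.70.90.0/24', '208.70.91.0/24',
    '5.10.67.0/24', '92.51.176.0/24', '94.186.192.0/24'
)
$allowed = @($lan) + $filterRanges

# Save the current ranges first so the change can be rolled back
# (hypothetical file name)
(Get-ReceiveConnector -Identity $connector).RemoteIPRanges |
    ForEach-Object { $_.ToString() } |
    Set-Content -Path '.\receive-ranges-before.txt'

# Replace the whole list: equivalent to steps 5 to 7
Set-ReceiveConnector -Identity $connector -RemoteIPRanges $allowed

# Verify: no output from Compare-Object means the stored list matches $allowed
$after = (Get-ReceiveConnector -Identity $connector).RemoteIPRanges |
    ForEach-Object { $_.ToString() }
Compare-Object -ReferenceObject $allowed -DifferenceObject $after

# Restricting one connector does not help if another one still listens on
# port 25 for every source address. List any connector in that state.
Get-ReceiveConnector | Where-Object {
    ($_.Bindings | ForEach-Object { $_.ToString() }) -match ':25$' -and
    ($_.RemoteIPRanges | ForEach-Object { $_.ToString() }) -contains '0.0.0.0-255.255.255.255'
} | Format-Table Identity, Bindings, RemoteIPRanges -AutoSize
```

Any connector shown by the last command should be reviewed before you rely on the lockdown, since mail delivered to it never passes the restricted connector.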