I'm working with an issue that I had over the past day or so. I have a bunch of clients who run Exchange Servers. We setup their Exchange servers to pass mail back through the server so that it is virus scanned and logged. The only way I can find to do that is to put the Exchange server on /etc/trustedmailhosts.
This allows the server to send mail without issue. However, a client had an issue where a spammer accessed their Exchange server and started sending spam. Because the server is on /etc/trustedmailhosts, no ratelimiting or domain checks are done. It more or less seems like this creates an open relay for that IP address. I've been running this configuration for a while, but now that I see the potential for abuse, I'm trying to find a work around.
Is anyone else doing this? How do they set it up?
This allows the server to send mail without issue. However, a client had an issue where a spammer accessed their Exchange server and started sending spam. Because the server is on /etc/trustedmailhosts, no ratelimiting or domain checks are done. It more or less seems like this creates an open relay for that IP address. I've been running this configuration for a while, but now that I see the potential for abuse, I'm trying to find a work around.
Is anyone else doing this? How do they set it up?