[scurlaruntings]

Can anyone tell me if MS Exchange 2003 has the ability to discard connections when a PTR record is not present for the sendee. IE if an email is sent from a domain that only has an MX record and not a reverse public record aswell that email would not be delivered and an NDR delivered instead indicating to the sendee that the "said" domain does not accept email from domains with no valid PTR record. I know exchange has the ability to do a reverse look up on the SMTP connector. But this only allows for reverse DNS information to be appended to the message headers which in my opinion is a bit of a useless feature and a possible uneccesary over head on your mail server. Finally assuming exchange doesnt have this feature (which im pretty sure of) is there any open source utility that can be integrated into exchange to allow for this feature.. (why o why is SMTP inherently insecure. Maybe we need a new ratified protocol that can allow for securer SMTP connections.. ok im rambling now..)

[Sembee]

Exchange cannot drop messages based on the reverse DNS record. You will have to use a third party tool to do that. Something like Vamsoft ORF should do that.

Simon.

[scurlaruntings]

Quote:

Originally Posted by Sembee

Exchange cannot drop messages based on the reverse DNS record. You will have to use a third party tool to do that. Something like Vamsoft ORF should do that.

Simon.

Why have MS incooperated a feature in SMTP that most Exchange admins believe adds resilience to there exchange enviroment in terms of combating SPAM? When in reality the reverse look up feature merely adds more information to a message header that could possibly be entirely inaccurate? Seems like a bit of a waste of time to me. I guess its only a small foible as Exchange 2003 is a brilliant product and certainly my favoruite flavour to date. Do you know wether Exchange 2007 will incoperate this feature in SP1?

[Sembee]

You talk about Exchange 2007 SP1 as if it isn't already out. It is, and has been for a while.
The antispam features have been beefed up in Exchange 2007, but reverse DNS lookups is not part of the feature set - you still have to use third party tools.

As to why MS put the option to do a reverse lookup - I have no idea on that. It is a useless option that simply slows down email processing.

Simon.

[scurlaruntings]

Quote:

Originally Posted by Sembee

You talk about Exchange 2007 SP1 as if it isn't already out. It is, and has been for a while.
The antispam features have been beefed up in Exchange 2007, but reverse DNS lookups is not part of the feature set - you still have to use third party tools.

As to why MS put the option to do a reverse lookup - I have no idea on that. It is a useless option that simply slows down email processing.

Simon.

Thats because the last time i supported it it was pre SP1 and over 10 months ago where alot of the functionality had to be done from the command line. Apparently this has been rectified in SP1 and im assuming SP1 has also added other features to what was then released an incomplete product. Incidently last i was aware MS were not supporting exchange 2007 32 bit in a prodcution enviroment. Is this still the case? Or will they have to change there stance because of SBS 2008?

[Sembee]

Exchange 2007 will never be supported in a 32 bit environment. SBS 2008 is 64 bit.

While there was a lot of missing functionality, the service pack did not change the antispam features. The core functionality was there from the start.

Simon.

[scurlaruntings]

Quote:

Originally Posted by Sembee

Exchange 2007 will never be supported in a 32 bit environment. SBS 2008 is 64 bit.

While there was a lot of missing functionality, the service pack did not change the antispam features. The core functionality was there from the start.

Simon.

Wow thats a strange stance. SBS naturally is geared towards small business`s with minimal IT budgets and small long term investments. 64bit SBS will mean a whole new server if the client is considering an upgrade Thats not very good news as clients will hardly embrace the wonders of 64bit computing compared to 32bit instructions..

[Sembee]

I think you will find that most SBS purchases are with new hardware, not upgrades. Furthermore if the server is less than two years old then they will already have 64 bit hardware. It is the way that Microsoft are going. All of their server products will be 64 bit only within a few years - I think Windows 2008 is the last 32 bit server OS.

Simon.

[DYasny]

my solution to the issue was a linux front end MTA running postfix.

spam levels dropped from 6-7 to single digit numbers, and email traffic has become much lower
________
Buy magic flight launch box

[DYasny]

as for secure SMTP, it is usually quite enough to drop all non RFC compliant connections
________
Mercedes-Benz Sl-Class