Perhaps you don't know which IP addresses your system needs to allow
relaying from. For example, you might have to grant relaying permissions to
dial-up ISP accounts that use multiple addresses. You can configure Exchange to
require SMTP sessions to provide authorization before relaying. Enter a decimal
value of 8 in RelayFlags to activate SMTP authorizations. Exchange then denies
attempts to relay messages from mail clients that don't provide proper SMTP AUTH authorization. Your Exchange server verifies this authorization against your Windows NT accounts database and denies relaying if it doesn't find a match.
Screen 4 shows the error message that results when an Outlook Express client
without authorization tries to relay an email. Before setting your Exchange
server to require authorization, you need to check your email client's
documentation to see whether it can present an AUTH authorization to an
outbound mail server. Outlook Express supports this option, but Eudora doesn't.
If your Exchange server is multihomed, you can enter a decimal value of 4
in RelayFlags to control which interface has relay permissions. For example, if
your Exchange server has an internal interface for your private network and an
external interface for the Internet, you can restrict relaying to only the
messages your server receives on internal interfaces. Add the value
RelayLocalIPList to the MSExchangeIMC\Parameters key as a type REG_MULTI_SZ, and
enter the IP addresses of your internal interfaces. Exchange then grants relay
permissions to users on those interfaces and prevents users from relaying from
your external interface.
Not Welcome Here
Exchange 5.5 lets you automatically filter inbound email from specific email
addresses or domains. This option is useful if you repeatedly receive junk email
from one address or domain. Your server automatically filters messages so that
your users don't receive junk email. (For other tips on preventing junk email,
see "Client Protection Techniques.") To prevent delivery of messages
from certain email addresses or domains, you need to add two values to the
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIMC\Parameters. Exchange 5.5 Service
Pack 1 (SP1) will provide a user interface you can use to add the values.
The first value you need to add is TurfTable, as a type REG_MULTI_SZ. In
TurfTable, you enter a list of email addresses and domains that you want
Exchange to filter. You can specify certain addresses (e.g., friend@public.com)
or entire domains (e.g., @public.com).
If you want to be able to scan filtered messages to ensure that your system
hasn't deleted an important message, enter the TurfDir value, as type REG_SZ.
TurfDir tells the Exchange server which directory to put filtered messages in.
If you don't have this value in your Registry, Exchange deletes the messages it
filters, rather than saving them. You must create a directory, because the
Registry editor doesn't create one automatically. Microsoft's documentation
suggests using the directory Exchsrvr\Imcdata\Turfdir.
When your Exchange server receives a message that meets the TurfTable
criteria, Exchange moves the message to the TurfDir directory. Screen 5, page
151, shows a test message I sent myself from an address on my TurfTable list.
Exchange wrote an event to the application event log that says it filtered the
email, as Screen 6, page 151, shows. I didn't receive the message.
Call Your Congressman
Junk email is a widespread problem on the Internet, and it will get worse if
the government doesn't regulate it. It might even make email useless: If
thousands of companies send hundreds or thousands of email advertisements a day,
users' inboxes will be so stuffed with commercial email that their important
email will get lost in the mess. Junk email is an attractive advertising
method because you can send an advertisement to 10 people or 10,000
people for the same price (practically free). Several years ago, fax machines
created a similar problem. Junk faxes clogged up fax machines and blocked
legitimate transmissions.
A junk email bill is currently pending before Congress: H.R. 1748, or the
Netizens Protection Act. If it passes, this bill will extend the existing junk
fax law (47 USC 227) to cover UCE advertisements. Consumers would have a
private right of action against UCE, and they could sue the sender for $500 for
each piece of unsolicited advertising they receive, or $1500 if the court
believes the sender willfully or knowingly violated the law. If this bill
becomes a law, the junk email problem will disappear. You can contact your
representative to express your support for H.R. 1748. As of January, the bill
had 28 bipartisan cosponsors.
Legal precedent supports compensation of systems administrators who have
suffered measurable financial loss from UCE. A Travis County, Texas, district
court recently ordered a junk emailer to pay $19,000 for damages stemming from
the emailer's forging of a domain's return address for UCE.
For Further Reading
To learn more about Exchange 5.5's UCE-related features, see Exchange's
README file. For more information about junk email, go to the Coalition Against
Unsolicited Commercial Email (CAUCE) Web site (http://www.cauce.org).
End of Article
Prev. page
1
[2]
next page -->
