thorbenw Posted September 13, 2006 Share Posted September 13, 2006 Hi, in the FAQs, 'Why are autoresponders bad?' you say 'Configure your software to either reject messages during delivery or accept them permanently.' Good idea, we'd like to do so by rejecting all messages sent to 'unknown' users using the 'Filter recipients who are not in the Directory'-Checkbox in an Exchange 2003 Frontend-Server with SP2 installed. BUT: In the corresponding Help-Topic, Microsoft say 'Caution! Enabling this check box can potentially allow senders of unsolicited commercial e-mail to discover valid e-mail addresses in your Exchange organization, because during the SMTP session, the SMTP virtual server sends different responses for valid and invalid recipients.' AFAIK, this is true. Is there a way to make Exchange respond the same way for valid and invalid recipients? Best regards Thorben Link to comment Share on other sites More sharing options...
Telarin Posted September 13, 2006 Share Posted September 13, 2006 No, however, it is easy enough to prevent dictionary attacks/directory harvesting by enabling Exchanges tarpitting feature. SMTP tar pit feature for Microsoft Windows Server 2003 As an added bonus, this also slows down a spammer by tying up their SMTP connections for longer than usual. I use a value of 120 seconds on my Exchange server, and it seems to work well. Link to comment Share on other sites More sharing options...
thorbenw Posted September 13, 2006 Author Share Posted September 13, 2006 Great, thank you! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.