Printable View
Hello all,
when internal clients that work with Linux or outlool express uses our Exchange 5.5 IMC to relay messages to the Internet, the internal IP of the client is shown in the headers (received: XX....).
I´m running exchange 5.5 SP4 over w2000 updated. This server is in a DMZ (2 network adapters) behind a firewall. The "routing restrictions" of the IMC is set to "Host & clients with these IP addresses"
How can I avoid these? Is there a way to masquerade these IPs?
Thanks.
Since the internal addresses should be private why would you care that the address shows, it's unreachable from the internet?
Could it theoretically be an information leak maybe?
Maybe it could be used as a primitive mapping technique?
It´s called Information disclosure. Certains attacks can be done through a firewall if you know the internal IPs.
IIRC Exchange 5.5 isn't able to filter out these 'internal' received headers. You probably need a third party tool to relay and reformat your email before sending them out on the Internet.
Those attacks through the firewall require a level of sophistication that far exceeds your average cracker. If your assets are not of _critical_ value then the potential for loss is probably negligable.
And if your resources are that important that that type of attack would be an issue you should consider running a mail system that is still supported by the vendor. Exchange5.5 is no longer a supported product unless you also bought the software assurance package with your licenses. If you have software assurance there wouldn't be a reason for you to not upgrade, so I would guess that you don't have software assurance.Quote:
Those attacks through the firewall require a level of sophistication that far exceeds your average cracker. If your assets are not of _critical_ value then the potential for loss is probably negligable.
You won't get any non-security related hotfixes for 5.5 without the extended support, and security hotfixes will stop being produced this year.
so ..... a third party tool or installing Qmail server for those clients ...
Thank you.
I'm no Qmail expert but I believe you can use an upstream qmail server (e-mail gateway) to filter/reformat your outgoing email. This will keep your Exchange/Outlook functionality but has the added bonus of being able to filter stuff out (including 'dangerous' attachments, spam etc.). Which is basicly the "third party tool" I was talking about..
thanks.