Modify invalid recipient check response

Forum Home

Modify invalid recipient check response Jason
Modify invalid recipient check response Synametrics Support
Modify invalid recipient check response Anonymous

From:	Jason
Date:	12/19/19 5:28 AM
Topic:	Modify invalid recipient check response
Type:	General Discussions
Post a follow up

Hello,

I would rather not have Xeams in Proxy mode reply to an invalid user with the response:

550 No such user here - AD

Can it be modified to simply say something like the Cisco Ironport::

550 #5.1.0 Address rejected.

In my opinion it will offer less incentive to hunt for AD accounts and providing the least amount of information possible is a better security alternative.

FYI, I have already hidden the header response for the Xeams version in the 220 response for the same reason:

220 mail.********.com - Version info hidden due to policy

Thanks in advance
Jason

Top

From:	Synametrics Support
Date:	12/19/19 8:35 AM
Topic:	Modify invalid recipient check response
Type:	General Discussions
Post a follow up

Jason,

We will add this in our to-do list.

BTW, you don't want to use the Proxy server for inbound emails. A malicious user could send an AUTH command through Xeams to guess passwords on your Exchange. Check https://www.xeams.com/switchingproxy2regular.htm for details.

Top

From:	Anonymous
Date:	12/23/19 2:45 AM
Topic:	Modify invalid recipient check response
Type:	General Discussions
Post a follow up

Thanks for the update!

In order to combat malicious user logins I use Syspeace to protect the Exchange Server from both SMTP Auth and OWA logins. :)

Top

Community/Enterprise Edition