mail spoofing in Exchange mail server 2019

morad anand 1 Reputation point
2021-12-14T07:22:34.757+00:00

Dear, As a researcher in a university, I am heading a laboratory in cyber security. Recently, the students in the lab have discovered a vulnerability of mail spoofing in Exchange mail server 2019. This vulnerability allows message transmission using SMTP between any two accounts in the domain without any authentication. We have looked for the solution in your forums, but without any result. It would be appreciated if you could help. Best regards.

Exchange Server Management

1 answer

  1. Aaron Xue-MSFT 2,581 Reputation points Microsoft Vendor
    2021-12-15T09:08:24.347+00:00

    Hi @morad anand ,

    Did you configure the receive connector as an open relay?

    You could try the following steps.

    On the receive connectors that have Anonymous in the PermissionGroups property, change the RemoteIPRanges property to the list of IP addresses you want to allow to be able to send internally anonymously, such as the servers that route inbound SMTP mail from the Internet.

    Here’s a link about anonymous relay for your reference:

    Allow anonymous relay on Exchange servers | Microsoft Learn


    If the response is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
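
An added example, not part of the answer above and not Microsoft's own code: an Exchange Management Shell audit that lists every receive connector with AnonymousUsers in PermissionGroups, flags those whose RemoteIPRanges cover every source address, and shows whether anonymous senders hold the relay right described in the linked article. The connector name and IP addresses in the final commented line are placeholders.

```powershell
# Run in the Exchange Management Shell. Everything here is read-only except
# the commented-out Set-ReceiveConnector line at the end.

# RemoteIPRanges values that mean "accept from any source address".
$anyAddress = @('0.0.0.0-255.255.255.255',
                '::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff')

$report = foreach ($rc in Get-ReceiveConnector) {
    # PermissionGroups is a flags value; its string form lists the groups.
    if ("$($rc.PermissionGroups)" -notmatch 'AnonymousUsers') { continue }

    $ranges = @($rc.RemoteIPRanges | ForEach-Object { $_.ToString() })
    $wideOpen = @($ranges | Where-Object { $anyAddress -contains $_ }).Count -gt 0

    # Relaying to external recipients additionally needs this extended right
    # granted to anonymous logon on the connector.
    $relayAce = Get-ADPermission -Identity $rc.Identity.ToString() `
                    -User 'NT AUTHORITY\ANONYMOUS LOGON' -ErrorAction SilentlyContinue |
        Where-Object {
            -not $_.Deny -and
            "$($_.ExtendedRights)" -match 'ms-Exch-SMTP-Accept-Any-Recipient'
        }

    [pscustomobject]@{
        Connector        = $rc.Identity.ToString()
        Bindings         = ($rc.Bindings -join ', ')
        RemoteIPRanges   = ($ranges -join ', ')
        AnySourceAllowed = $wideOpen
        AnonymousRelay   = [bool]$relayAce
    }
}

# Connectors with AnySourceAllowed = True accept unauthenticated SMTP from
# every host that can reach the listed bindings.
$report | Sort-Object AnySourceAllowed -Descending | Format-Table -AutoSize -Wrap

# Restrict a flagged connector to the hosts that legitimately submit
# anonymously (for example the gateways that route inbound Internet mail).
# 'EXCH01\Placeholder Connector' and the 192.0.2.x addresses are placeholders.
# Set-ReceiveConnector 'EXCH01\Placeholder Connector' `
#     -RemoteIPRanges 192.0.2.10, 192.0.2.11 -WhatIf
```

Remove `-WhatIf` only after confirming the listed addresses cover every system that must deliver mail to that connector without authenticating.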