Konfiguracija Exchange 2003 SP2 strežnika za filtriranje proti črnim listam, uporaba Intelligent message filter-ja ter Sender ID procesiranje / Configuration of Exchange 2003 SP2 to filter mail using black lists, usage of Intelligent message filter and Sender ID processing

Konfiguracija Exchange 2003 SP2 strežnika za filtriranje proti črnim listam, uporaba Intelligent message filter-ja ter Sender ID procesiranje / Configuration of Exchange 2003 SP2 to filter mail using black lists, usage of Intelligent message filter and Sender ID processing

Nekaj zlatih pravil na katere moramo biti pozorni pri konfiguraciji poštnih strežnikov. / Some rules to be aware of when configuring mail servers.
DNS nivo / DNS layer

1. MX zapis mora obstajati / MX record must exist
Za test lahko v ukazni vrstici vpišete ukaz / For testing you can try to get the MX record using nslookup command:
nslookup
set type=MX
company.com
Kot rezultat bi morali dobiti / As result you should get:
company.com MX preference = 10, mail exchanger = mail.company.com

2. Forward in reverse DNS zapis se morata ujemati / Forward and reverse DNS record must be the same
Primer / Example:
Recimo, da MX zapis za domeno company.com kaže na poddomeno domene company.com in sicer na mail.company.com. V primeru, da izvršimo ukaz ping v ukazni vrstici dobimo rezultat: / Let say, that MX record for domain name company.com points to subdomain of company.com – mail.company.com. In this case you can check by pinging hostname and get the result:

C:\>ping mail.company.com
Pinging mail.company.com [123.123.123.123] with 32 bytes of data:
Reply from 123.123.123.123: bytes=32 time=119ms TTL=238 …

Ce pa izvršimo ukaz, ki nam iz IP naslova razreši DNS zapis moramo dobiti rezultat: / If we try to make a reverse lookup we should get the same result:

C:\>ping -a 123.123.123.123
Pinging mail.company.com [123.123.123.123] with 32 bytes of data:
Reply from 123.123.123.123: bytes=32 time=111ms TTL=238

Nivo poštnega strežnika (SMTP strežnika) / Mail server layer (SMTP server)

SMTP strežnik se mora oglasiti z istim imenom, kot je vpisan v MX zapisu – v našem primeru: mail.company.com. To pa lahko preizkušamo tako, da se z uporabo programa telnet povezemo na poštni strežnik na portu 25. / SMTP server should present with the same name as a name in MX record. In our case this is mail.company.com. This can be tested using telnet program connecting to port 25 of our mail server.
Kot rezultat bi morali dobiti: / As a result you should get:

220 mail.company.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830 ready at Mon, 5 Feb 2007 23:07:34 +0100

http://www.dnsreport.com – preverite nastavitve svoje domen / check your domain name configuration
http://www.dnsstuff.com – dodatna orodja za pregled DNS zapisov / additional tools for checking DNS records
http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/ – Sender policy framework – generator TXT zapisa / Sender policy framework TXT record generator

  I. del / Part I. – Message delivery properties – general
(wink source) 

 II. del / Part II. – Message delivery properties – Connection filtering
(wink source) 

 III. del / Part III. – Message delivery properties – IMFv2 / Sender ID filtering
(wink source) 

 IV. del / Part IV. – Activate filters on SMTP server
(wink source) 

 V. del / Part V. – SMTP server name

Tags: , , , , , , , , ,

One Response to “Konfiguracija Exchange 2003 SP2 strežnika za filtriranje proti črnim listam, uporaba Intelligent message filter-ja ter Sender ID procesiranje / Configuration of Exchange 2003 SP2 to filter mail using black lists, usage of Intelligent message filter and Sender ID processing”

  1. to domain name says:

    hi guys…

    hi guysI would like to thank you for the efforts you have made in writing this article. I am hoping the same best work from you in the future as well and i have start my own blog now, , thanks for your effort…

Leave a Reply