Mombu the Microsoft Forum

1 9th September 00:49
nir valtman
External User
 
Posts: 1
Default Exchange security policy



Hi Pete,

I'm working as an information security consultant and I've never heard about
exploiting this configuration.
Even if junk mail is sent to the user, most of the time it does not come back
again as a result of sending an "out of office" message.
I think that the probability of exploiting this feature is low.
--

Nir Valtman
http://blogs.microsoft.co.il/blogs/valtmanir/
---------------------------
Do you think that information security is expansive? Try to ignore it


 


2 9th September 00:49
ed crowley [mvp]
External User
 
Posts: 1
Default Exchange security policy



Care to share the evidence behind this assertion?
--
Ed Crowley MVP
"There are seldom good technological solutions to behavioral problems."
3 9th September 00:49
nir valtman
External User
 
Posts: 1
Default Exchange security policy


again (takes time to update), so it won't be an endless loop which may cause a
DoS.

In addition, if you have a mail relay with an antispam filter, I don't think
that the probability of exploiting this feature is high.

--

Nir Valtman
http://blogs.microsoft.co.il/blogs/valtmanir/
---------------------------
Do you think that information security is expansive? Try to ignore it


"Ed Crowley [MVP]" wrote:
4 9th September 00:49
ed crowley [mvp]
External User
 
Posts: 1
Default Exchange security policy


Comments inline below.
--
Ed Crowley MVP
"There are seldom good technological solutions to behavioral problems."


That "meaning" is far from clear from your post. I would hope that you do a
better job of communicating in your "consulting" with your customers.

The issue of a message loop is not really a DoS, which is really a
deliberate attack, but a risk of using up all your disk space when a large
message loops. I agree with you, however, that the risk is negligible of an
out-of-office message causing a mail loop, and any impact can be mitigated
by implementing Prohibit Send and Receive limits, if large ones, on all mailboxes.

That's a big "if", and it assumes an extremely high level of protection. I
don't agree with your dismissiveness here.

The part you left out is the social engineering case. I believe that it's a
fact that plenty of users will provide more information about themselves or
their organizations to complete strangers through such messages than you
might believe. I'm not opposed to organizations opening out-of-office
messages to the Internet, but I do believe that they ought to make an
informed and intelligent decision and educate users as appropriate.
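
The loop risk discussed in the posts above depends on whether an auto-responder answers other automatic messages. The sketch below is an added example, not code from any poster and not Exchange's implementation: it follows the RFC 3834 recommendations for automatic replies, and the class name, the one-week interval and the sample messages are assumptions constructed for illustration.

```python
import time
from email import message_from_string
from email.message import EmailMessage

REPLY_INTERVAL = 7 * 24 * 3600  # assumed: at most one reply per sender per week

# Constructed sample messages (not taken from the thread).
HUMAN = "From: alice@example.org\nSubject: Lunch?\nMessage-ID: <1@example.org>\n\nHi\n"
OOF = ("From: alice@example.org\nSubject: Automatic reply: Lunch?\n"
       "Auto-Submitted: auto-replied\n\nAway\n")


class AutoResponder:
    def __init__(self, owner):
        self.owner = owner
        self.replied = {}  # envelope sender -> time of last auto-reply

    def refusal(self, envelope_from, msg, now):
        """Return the reason not to auto-reply, or None if a reply is allowed."""
        if not envelope_from:
            return "null return path (bounce or notification)"
        auto = (msg.get("Auto-Submitted") or "no").split(";")[0].strip().lower()
        if auto != "no":
            return "automatic message (Auto-Submitted: %s)" % auto
        if (msg.get("Precedence") or "").strip().lower() in ("bulk", "junk", "list"):
            return "bulk or list mail"
        if msg.get("List-Id"):
            return "mailing list traffic"
        last = self.replied.get(envelope_from.lower())
        if last is not None and now - last < REPLY_INTERVAL:
            return "already replied to this sender"
        return None

    def handle(self, envelope_from, raw, now=None):
        """Return (reply, reason): an EmailMessage to send, or None plus why not."""
        now = time.time() if now is None else now
        msg = message_from_string(raw)
        reason = self.refusal(envelope_from, msg, now)
        if reason:
            return None, reason
        self.replied[envelope_from.lower()] = now
        reply = EmailMessage()
        reply["From"] = self.owner
        reply["To"] = envelope_from  # reply to the return path, not the From: header
        reply["Subject"] = "Automatic reply: " + (msg.get("Subject") or "")
        reply["Auto-Submitted"] = "auto-replied"  # lets the peer suppress its own reply
        if msg.get("Message-ID"):
            reply["In-Reply-To"] = msg["Message-ID"]
        reply.set_content("I am out of the office.")
        return reply, None
```

Two such responders cannot loop with each other: the first reply carries `Auto-Submitted: auto-replied`, so the peer refuses to answer it, and the per-sender interval bounds replies to senders that omit the header.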
5 9th September 00:49
nir valtman
External User
 
Posts: 1
Default Exchange security policy


1. Don't worry about my job :-)
2. Although I'm talking about a big if, most of the organizations (where I
live) have a mail relay. I believe that we're talking about a standard.
3. I agree with your last paragraph. Social Engineering is the most
dangerous threat.
--

Nir Valtman
http://blogs.microsoft.co.il/blogs/valtmanir/
---------------------------
Do you think that information security is expansive? Try to ignore it