You have an Exchange Server 2010 organization. You need to plan a message hygiene solution that
meets the following requirements:
• Spoofing must be minimized
• Open SMTP relays must be added to IP block lists automatically
What should you include in the plan?
A.
Sender ID filtering and recipient filtering
B.
Sender ID filtering and sender reputation
C.
sender filtering and recipient filtering
D.
sender reputation and recipient filtering
Explanation:
Sender ID is intended to combat the impersonation of a sender and a domain, a practice that’s
frequently called spoofing. A spoofed mail is an e-mail message that has a sending address that was
modified to appear as if it originates from a sender other than the actual sender of the message.
Spoofed mails typically contain a From: address that purports to be from a certain organization. In
the past, it was relatively easy to spoof the From: address, in both the SMTP session, such as the
MAIL FROM: header, and in the RFC 822 message data, such as From: “Masato Kawai”
[email protected], because the headers weren’t validated.
Sender reputation evaluates several sender characteristics to calculate an SRL. Among the
characteristics that sender reputation evaluates are the results of a test for open proxy servers.
Frequently, spammers route messages through open proxy servers on the Internet. By routing spam
through open proxy servers, spammers can send messages that appear to originate from a different
server than their own.
When sender reputation calculates an SRL, sender reputation tries to connect to the sender’s
originating IP address by using a variety of common proxy protocols, such as SOCKS4, SOCKS5, HTTP,
Telnet, Cisco, and Wingate. Sender reputation formats a protocol-specific request in an attempt to
connect back to the Edge Transport server from the open proxy server by using an SMTP request. If
an SMTP request is received from the proxy server, sender reputation verifies that the proxy server
is an open proxy server and adjusts the SRL rating according to this result. By default, detection of
open proxy servers is enabled on sender reputation.
http://technet.microsoft.com/en-us/library/bb124512.aspx