autoforward debate
In exchange 2003 we have found people can setup autoforward rules and forward traffic to non secure mail systems such as their hotmail account.
management say they cannot see who currently has setup these rules, and the only way to do it is via scripts which dont always work.
Is that a risk in itself, if you havent locked down autoforward rules, but you cant audit/see what rules are setup, is this a risk?
Our exchange admin doesnt seem to fussed, they have a tool called websense which monitors user activity and outgoing mail, they say if mail is going to external hotmail it will still be picked up via this tool, whether it was purposelly sent, or whether
it was autoforwarded by a rule.
Therefore, is there any issue with people setting up autoforward rules, and the whole "autoforwarding management and monitoring" thing? And them not being able to see what autoforward rules are in place by employees? Is it a risk?
June 9th, 2011 10:08am
Hi,
Generally organization do not want to setup autoforward rule to forward corporate email to external email address. In exchange 2003 its only can be generate report thru LDIFDE script.
In exchange 2007/2010, It is managed better in remote domain level and can be restrict to all employee. Generally its a matter of security concern which may varry organization to organization.
I hope it will help you much more !!!Anil MCC 2011,ITIL V3,MCSA 2003,MCTS 2011, My Blog : http://messagingschool.wordpress.com
Free Windows Admin Tool Kit Click here and download it now
June 9th, 2011 10:22am
1. "Is that a risk in itself, if you havent locked down autoforward rules, but you cant audit/see what rules are setup, is this a risk?"
It is a risk if your business expects you to monitor/restrict forwarding of such emails if you cant stop them at the gateway or prevent users from sending in the first place.
2. "Our exchange admin doesnt seem to fussed, they have a tool called websense which monitors user activity and outgoing mail, they say if mail is going to external hotmail it will still be picked up via this tool, whether it was purposelly sent, or whether
it was autoforwarded by a rule."
What if messages are being sent to google and not hotmail or any other domain. I thnk they need something a little more intelligent which captures keywords/numbers or whatever is emails to stop them from being sent out. Or they need to use something
like Windows rights maangement to prevent them sending in the first instance.
3. "Therefore, is there any issue with people setting up autoforward rules, and the whole "autoforwarding management and monitoring" thing? And them not being able to see what autoforward rules are in place by employees? Is it a risk?"
Yes/No, as mentioned above.Sukh
June 9th, 2011 11:46am