Forum Discussion
How does Exchange Server protects self-domain (Internal Mailbox) email from Spam/malware?
As my understanding, most of organizations keeps third party email gateway solutions to protect emails for external domains (mostly incoming).
What about Internal self-domain between mailboxes? (A user to B user)
What if, Exchange internal mailbox (same org-domain) sends spam/malware? Does Exchange scans these spam/malware within same organizations?
Is there any way to integrate with antispam solutions to scan between internal mailboxes?
If yes how can we configure? Because internal email does not use send connector so is there any way?
I am just curious and looking for idea to scan internal emails through antispam/gateway.
Example: When A user send email to B user, it does not scan rights because its internal and trusted so, what if we keep antispam agents/route config between A user and B user?
Any ideas..
3 Replies
- In the past there existed several 3party solutions, sitting as a plugin/addin on exchange providing what you described. I, however, have no idea whether/not this is still working or senseful. At the same time you could theoretically also add edge servers/subscription, ensure internal mails flowing through it respectively and use the native Exchange agents on edge servers fulfilling your requirement.
However, i think all this is only half-hearted, except maybe a proper 3rd party solution directly installed on/at your exchange server.
What i'm using: https://www.mimecast.com/resources/datasheets/internal-email-protect/
Your mails get journaled to an external perimeter service (they also offer a lot of other perimeter services), would be scanned there and you can put certain actions behind, e.g. regarding "threat remediation", depending how you configure it.
Hope this helps.- Thanks for your information.
Did you ever try or think about to routing of internal mail through gateway?
I mean, all internal user must route email through antispam gateway. I know it will be the longest path and may be delay receiving internal mail but can we do this? Is it possible in Exchange?This question is not precise enough. What kind of gateway (which services in place)? Where is the gateway located?
In the past i of course routed mailflow through an internal "anti-spam gateway" (not only anti-spam but doing also content examination, encryption and much more). I would never route (!) internal mails through an external (!) perimeter/platform service, surely not, way too much dependencies and error sources.
