I do something similar, just not with Exchange.
With this system you're leaving the door open if [email protected]
ever gets accidentally released into the wild. I've been very careful so
far and this hasn't been an issue.
We talked about implementing iptables rules on the RT box that would
limit which machines it can receive email from in order to prevent
people from using [email protected] and instead using [email protected]
so mail goes through the proper path. We haven't done it though, and so
far keeping [email protected] as a secret all has been well.
On 12/13/10 7:11 PM, Jason Knight wrote:
Just thought I’d throw this tip out there if you are running Exchange
in your environment. I have RT configured on my CentOS 5.5 box,
help.domain.com. My /etc/alias file uses [email protected]
<mailto:[email protected]> for incoming requests into my main
helpdesk queue. What I’ve done with Exchange, that hosts for
domain.com, is to create the email [email protected]
<mailto:[email protected]>, and a contact for [email protected]
<mailto:[email protected]>. The newly created Exchange mailbox,
[email protected] <mailto:[email protected]> forwards to
[email protected] <mailto:[email protected]>. What this allows
me to do is use delivery restrictions on the Exchange account to limit
the help desk to authenticated users only, thus blocking outside
requests. I know RT has it’s own mechanism to do this, but this
allows me to open it up easily if I need to, and I can use LDAP
authentication alongside local users in RT.
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
--
John Arends
[email protected]
Network Analyst
College of ACES ITCS
University of Illinois at Urbana-Champaign
