my apologies if this question was asked and answered previously.
we have Exchange 2013 email server. We have been seeing some of the emails are coming from outside but using our own domain name which should not be. any email coming from outside using our domain name must not get processed and rejected at the first place when arrives in our server. I looked into some of the posts and generally found to remove "ms-exch-smtp-accept-authoritative-domain-sender" property of "NT AUTHORITY\Anonymous Logon" security principal from internet receive connector.
This solution was given to below forum:
My question is:
(1) if I remove that permission, do I need to restart my receive connector?
if the above does not work, there is another solution suggested to block own domain and then remove ms-Exch-SMTP-Accept-Any-Sender for anonymous use and then restart receive connector
Powershell
Set-SenderFilterConfig -BlockedDomains mydomain.com
Set-SenderFilterConfig -InternalMailEnabled $true
Get-ReceiveConnector "name of the internet receive connector" | Get-ADPermission -user "NT AUTHORITY\Anonymous Logon" | where {$_.ExtendedRights -like "ms-Exch-SMTP-Accept-Any-Sender"} | Remove-ADPermission(2) my questions is, if I do this, after restart of receive connector, will this affect our internal applications and devices emails sending which are anonymous like copiers/scanners and other internal applications inside our LAN?
(3) if it does affect and within-LAN anonymous internal emails are stopped, do I need to create a separate receive connector for LAN and allow Anonymous log-on? whats the command or procedure to do that?
(4) How can I simulate the issue (receiving email from outside but with our domain address), so I can be sure the solution is actually working?
Thanks for your replies to help resolving my issue.