chpchai
asked on
Exchange Server Problem with SMTP
I have a exchange server 2000 with sp 3, there is a "BIG" problem that many other server send emails to my server and use my server to send those rubbish email others. My server is stuck with thousands of message queueing and My own message can't be send out easily!!!!!
Is there any solution to stop receiving the rubbish emails???
Is there any solution to stop receiving the rubbish emails???
> Go to ESM-SMTP virtual server properties->Access-> Relay
> Make sure that "allows all computers that successfully authenticate to relay " is checked.
and check also "Only computers on the list" and keep the list empty. These two settings will deny anonymous realy.
> Make sure that "allows all computers that successfully authenticate to relay " is checked.
and check also "Only computers on the list" and keep the list empty. These two settings will deny anonymous realy.
ASKER
I have tried the setting mentioned above, but still that there are message from other servers queueing in my server... mainly from AOL, MSN, Netscape... !!!!!
any further setting available to improve the situation???
any further setting available to improve the situation???
Open a DOS box and type:
telnet relay-test.mail-abuse.org
This will check your server for relay issues. More can be found at the mail-abuse.org web page. If there is any test, which fails, please post.
After the changes, you should restart your exchange server (or at least the SMTP service).
First at all you have to close your server. Second, you have to remove your server from the blacklists. As long your server is blacklisted, you will get mails, which will not been relayed, but which produces NDRs, which can not delivered.
Try http://openrbl.org to see, if you are blacklisted and where.
Please note also, that it may take some time, until all mails are out of the queue and are run dead. Whenever a mail can not be delivered, the mail produces a NDR to the senders address (which is usually faked) and therefore you get an additional set of mails within your queue. Have a look at the queue itself (don't forget to refresh --> menu item, not F5), and the number of mails within the queue (the queue itself is deleted, when the connection is closed, this takes also some minutes).
For the moment, you should lower the time, the mails will try to connect to the remote system (see tranmission tab within your virtual SMTP server). This reduces the time until they run dead. Also try to delete as much as possible from your queues. Also have a look at the file based queues on your server in the mailroot\vsi xx directory.
telnet relay-test.mail-abuse.org
This will check your server for relay issues. More can be found at the mail-abuse.org web page. If there is any test, which fails, please post.
After the changes, you should restart your exchange server (or at least the SMTP service).
First at all you have to close your server. Second, you have to remove your server from the blacklists. As long your server is blacklisted, you will get mails, which will not been relayed, but which produces NDRs, which can not delivered.
Try http://openrbl.org to see, if you are blacklisted and where.
Please note also, that it may take some time, until all mails are out of the queue and are run dead. Whenever a mail can not be delivered, the mail produces a NDR to the senders address (which is usually faked) and therefore you get an additional set of mails within your queue. Have a look at the queue itself (don't forget to refresh --> menu item, not F5), and the number of mails within the queue (the queue itself is deleted, when the connection is closed, this takes also some minutes).
For the moment, you should lower the time, the mails will try to connect to the remote system (see tranmission tab within your virtual SMTP server). This reduces the time until they run dead. Also try to delete as much as possible from your queues. Also have a look at the file based queues on your server in the mailroot\vsi xx directory.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Make sure that you are not infected with any virus
Go to ESM-SMTP virtual server properties->Access-> Relay
Make sure that "allows all computers that successfully authenticate to relay " is checked.
Relaying is the ability to forward mail to domains other than your own. More specifically, relaying occurs when an inbound connection to your SMTP server is used to send e-mail to external domains. By default, your Exchange server accepts mail from users and sends it to an external domain. If your server is open for relaying, or if relaying is unsecured on your server, unauthorized users can use your server to send unsolicited commercial e-mail. Therefore, to secure your SMTP virtual server, it is crucial that you set relay restrictions.
It is important to understand the difference between authenticated relaying and anonymous or open relaying.
Authenticated relaying allows your internal users to send mail to domains outside of your Exchange organization, but requires authentication before the mail is sent. By default, Exchange only allows authenticated relaying.
Anonymous relaying allows any user to connect to your Exchange server and use it send mail outside your Exchange organization.
The following examples demonstrate how Exchange 2000 accepts and relays mail using authenticated relaying:
Example 1 An anonymous user connects to the SMTP virtual server and attempts to deliver mail to an internal user in the Exchange organization. In this situation, the SMTP virtual server accepts the message because it is destined for an internal domain and because the user exists in Active Directory.
Example 2 An anonymous user connects to the SMTP virtual server and attempts to deliver mail to an external user in an external domain. In this situation, the SMTP virtual server rejects the mail because it is destined for an external domain for which the Exchange server is not responsible. Because the user is not authenticated, the SMTP virtual server does not relay this mail outside of the Exchange organization.
Example 3 A user connects to the SMTP virtual server using a POP or IMAP client (for example Microsoft Outlook® Express), authenticates, and then attempts to send a message to a user in an external domain.In this situation, Outlook Express connects directly to the SMTP virtual server and authenticates the user. Although the message is destined for a remote domain, the SMTP virtual server accepts and relays this mail because the user is authenticated. By using the relay control features of Exchange 2000, you can prevent third parties from relaying mail through your server. Relay control allows you to specify a list of incoming remote IP address and subnet mask pairs that have permission to relay mail through your server. Exchange checks an incoming SMTP client’s IP address against the list of IP networks allowed to relay mail. If the client is not allowed to relay mail, only mail addressed to local recipients is allowed. Relay control can also be implemented by domain—however, this requires implementation of reverse DNS resolution, which is controlled at the SMTP virtual server level. Default Relay Restrictions.
By default, the SMTP virtual server allows relaying only from authenticated users. This configuration is designed to prevent unauthorized users from using your Exchange server to relay mail. the virtual server’s default configuration allows only authenticated computers to relay mail.Unsolicited commercial e-mail generally comes from a spoofed or forged address and is often relayed using a server that is not secured for relay. For this reason, Exchange 2000 allows only authenticated users. Be very cautious when changing this setting—many Internet providers will block servers that allow open relaying.
Hope this clears your doubts