Solved

Exchange Enterprise 2003 (THOUSANDS OF NDR'S OPEN RELAY SPAM IP BANNED FEELING GUILTY)

Posted on 2004-04-05
10
1,635 Views
Last Modified: 2007-12-19
Gday all, I will try and explain my problems !! Here goes I set up Server 2003 Ent with Exchange 2003 Ent in December 2003.
I host email and website  accounts on approx 6 domains and my own domain. all is working well after a few minor setup problems. I Have read lots of bulletins on all the problems to do with NDR'S and Open Relay problems I am getting thousands of NDR'S and have done a few tests with sites recommended for open relay tests and they come back saying that yes I have an open relay problem !! to add injury to insult I got an email saying I had been banned by some mob in the UK cause I sent spam.
 I dont send spam I get spam. Ok here is my proposal, can someone for 500 points help me go through my setup to make sure that everything is set up correctly as I don't like the idea of possibly something that I have done or not done causing a problem to anyone, I just want my server to tick away and not give me indigestion and heartburn. The setup is virtually std with no frills as I did not know enough to change anything from the default settings. But after reading all these articles I started tweaking and then pannic set in, so here I am. I would like a simple and well tried solution if that is possible? Tell me what you need and I will supply all the relevant info you require. Regards Bosso (Feelling Guilty for been branded a spammer)
0
Comment
Question by:JohnBosich
  • 5
  • 4
10 Comments
 
LVL 20

Expert Comment

by:What90
ID: 10762657
Hi JohnBosich,


Try following these through:

This one shows you how to see if you are a relay:
http://support.microsoft.com/default.aspx?kbid=324958&product=sbserv2003


these show how to lock up the SMTP:
http://support.microsoft.com/default.aspx?kbid=310380
www.petri.co.il/ preventing_exchange_2000_2003_from_relaying.htm

Nice little touch for extra security:
http://blogs.msdn.com/dlemson/archive/2003/10/17/52019.aspx

0
 

Author Comment

by:JohnBosich
ID: 10762824
A non-delivery report with a status code of 4.0.0 was generated for recipient rfc822;10@uol.com.br (Message-ID <MY-SERVER35SKE0001b764@MYSERVER-server.server.MYDOMAIM.com.au>).

A non-delivery report with a status code of 4.0.0 was generated for recipient rfc822;beckydedora@xnet.com (Message-ID <MYSERVER-SERVERCvoXM0001b44a@MYSERVER-server.server.MYDOMAIN>).


I am still getting these NDRS they have slowed but there is still to many ?????

Regards Bosso.

0
 
LVL 20

Accepted Solution

by:
What90 earned 500 total points
ID: 10762898
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:JohnBosich
ID: 10766307
I Get This error now when I try to send email via web mail. what have I done ???
The following recipient(s) could not be reached:
I still receive Emails OK.

  xxxxxx@xxxxxx.com.au on 06/04/2004 10:07 PM
  There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
  <MYSERVER#5.5.0 smtp;554 mail server permanently rejected message (#5.3.0)>
0
 
LVL 3

Expert Comment

by:hcoltrain
ID: 10768579
Have you checked you SMTP log files and searched for that specific session. It may give you more information.
0
 
LVL 20

Expert Comment

by:What90
ID: 10770578
I looks like you've block all relaying from the SMTP outgoing.  Check the smtp connector and see what settings are there.
Then re-check the guides aboves to help resolve your problem.
0
 

Author Comment

by:JohnBosich
ID: 10771333
Ok The above issue has been resolved I think it was delegation problem as my domain had expired for a couple of hours.

After doing this
Determine Whether an Authenticated User is Relaying
I get this, is this good or bad ???

This is an SMTP protocol warning log for virtual server ID 1, connection #66. The remote host "203.93.172.4", responded to the SMTP command "rcpt" with "450 <ludi@tianjin.cngb.com>: User unknown in local recipient table  ". The full command sent was "RCPT TO:<ludi@tianjin.cngb.com>  ".  This may cause the connection to fail.

This is an SMTP protocol warning log for virtual server ID 1, connection #65. The remote host "216.203.248.178", responded to the SMTP command "rcpt" with "450 <abdala@sovietski.com>: User unknown in local recipient table  ". The full command sent was "RCPT TO:<abdala@sovietski.com>  ".  This may cause the connection to fail.

his is an SMTP protocol warning log for virtual server ID 1, connection #32. The remote host "211.218.150.164", responded to the SMTP command "mail" with "451 4.5.4 Host name is not match with your ip, Please Visit at http://realip.naver.com/heloinfo.html.  ". The full command sent was "MAIL FROM:<testimonytend@optonline.net> SIZE=1196  ".  This may cause the connection to fail.

and numerous others.


0
 

Author Comment

by:JohnBosich
ID: 10771467
I am going to leave things as they are for the next 24 hours and let the delegation kick in and sort itself out then I will start tweaking again thanks for all the help to date What90.
0
 
LVL 20

Expert Comment

by:What90
ID: 10771562
That's good as those users don't exist on your system and the message is bounced!
0
 

Author Comment

by:JohnBosich
ID: 10834861
Thanks for your help What90 it all seems to have settled down very few NDR'S now maybe one per hour I think I may have been spammed or spoofed or whatever they call it.

Regards John Bosich
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question