Solved

Exchange Enterprise 2003 (THOUSANDS OF NDR'S OPEN RELAY SPAM IP BANNED FEELING GUILTY)

Posted on 2004-04-05
10
1,630 Views
Last Modified: 2007-12-19
Gday all, I will try and explain my problems !! Here goes I set up Server 2003 Ent with Exchange 2003 Ent in December 2003.
I host email and website  accounts on approx 6 domains and my own domain. all is working well after a few minor setup problems. I Have read lots of bulletins on all the problems to do with NDR'S and Open Relay problems I am getting thousands of NDR'S and have done a few tests with sites recommended for open relay tests and they come back saying that yes I have an open relay problem !! to add injury to insult I got an email saying I had been banned by some mob in the UK cause I sent spam.
 I dont send spam I get spam. Ok here is my proposal, can someone for 500 points help me go through my setup to make sure that everything is set up correctly as I don't like the idea of possibly something that I have done or not done causing a problem to anyone, I just want my server to tick away and not give me indigestion and heartburn. The setup is virtually std with no frills as I did not know enough to change anything from the default settings. But after reading all these articles I started tweaking and then pannic set in, so here I am. I would like a simple and well tried solution if that is possible? Tell me what you need and I will supply all the relevant info you require. Regards Bosso (Feelling Guilty for been branded a spammer)
0
Comment
Question by:JohnBosich
  • 5
  • 4
10 Comments
 
LVL 20

Expert Comment

by:What90
Comment Utility
Hi JohnBosich,


Try following these through:

This one shows you how to see if you are a relay:
http://support.microsoft.com/default.aspx?kbid=324958&product=sbserv2003


these show how to lock up the SMTP:
http://support.microsoft.com/default.aspx?kbid=310380
www.petri.co.il/ preventing_exchange_2000_2003_from_relaying.htm

Nice little touch for extra security:
http://blogs.msdn.com/dlemson/archive/2003/10/17/52019.aspx

0
 

Author Comment

by:JohnBosich
Comment Utility
A non-delivery report with a status code of 4.0.0 was generated for recipient rfc822;10@uol.com.br (Message-ID <MY-SERVER35SKE0001b764@MYSERVER-server.server.MYDOMAIM.com.au>).

A non-delivery report with a status code of 4.0.0 was generated for recipient rfc822;beckydedora@xnet.com (Message-ID <MYSERVER-SERVERCvoXM0001b44a@MYSERVER-server.server.MYDOMAIN>).


I am still getting these NDRS they have slowed but there is still to many ?????

Regards Bosso.

0
 
LVL 20

Accepted Solution

by:
What90 earned 500 total points
Comment Utility
0
 

Author Comment

by:JohnBosich
Comment Utility
I Get This error now when I try to send email via web mail. what have I done ???
The following recipient(s) could not be reached:
I still receive Emails OK.

  xxxxxx@xxxxxx.com.au on 06/04/2004 10:07 PM
  There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
  <MYSERVER#5.5.0 smtp;554 mail server permanently rejected message (#5.3.0)>
0
 
LVL 3

Expert Comment

by:hcoltrain
Comment Utility
Have you checked you SMTP log files and searched for that specific session. It may give you more information.
0
Do email signature updates give you a headache?

Constantly trying to correctly format email signatures? Spending all of your time at every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

 
LVL 20

Expert Comment

by:What90
Comment Utility
I looks like you've block all relaying from the SMTP outgoing.  Check the smtp connector and see what settings are there.
Then re-check the guides aboves to help resolve your problem.
0
 

Author Comment

by:JohnBosich
Comment Utility
Ok The above issue has been resolved I think it was delegation problem as my domain had expired for a couple of hours.

After doing this
Determine Whether an Authenticated User is Relaying
I get this, is this good or bad ???

This is an SMTP protocol warning log for virtual server ID 1, connection #66. The remote host "203.93.172.4", responded to the SMTP command "rcpt" with "450 <ludi@tianjin.cngb.com>: User unknown in local recipient table  ". The full command sent was "RCPT TO:<ludi@tianjin.cngb.com>  ".  This may cause the connection to fail.

This is an SMTP protocol warning log for virtual server ID 1, connection #65. The remote host "216.203.248.178", responded to the SMTP command "rcpt" with "450 <abdala@sovietski.com>: User unknown in local recipient table  ". The full command sent was "RCPT TO:<abdala@sovietski.com>  ".  This may cause the connection to fail.

his is an SMTP protocol warning log for virtual server ID 1, connection #32. The remote host "211.218.150.164", responded to the SMTP command "mail" with "451 4.5.4 Host name is not match with your ip, Please Visit at http://realip.naver.com/heloinfo.html.  ". The full command sent was "MAIL FROM:<testimonytend@optonline.net> SIZE=1196  ".  This may cause the connection to fail.

and numerous others.


0
 

Author Comment

by:JohnBosich
Comment Utility
I am going to leave things as they are for the next 24 hours and let the delegation kick in and sort itself out then I will start tweaking again thanks for all the help to date What90.
0
 
LVL 20

Expert Comment

by:What90
Comment Utility
That's good as those users don't exist on your system and the message is bounced!
0
 

Author Comment

by:JohnBosich
Comment Utility
Thanks for your help What90 it all seems to have settled down very few NDR'S now maybe one per hour I think I may have been spammed or spoofed or whatever they call it.

Regards John Bosich
0

Featured Post

Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video discusses moving either the default database or any database to a new volume.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now