Solved

Somebody is using our mail server....

Posted on 2004-04-07
1
185 Views
Last Modified: 2010-04-09
we are runing exchange 2003 behind ISA server. from our virus program i can see that the mail server sending emails to unrecognized addresses that are failed because they are bogos addresses,and after some time they goes to the bedMail directory
we permit the server to relay email only from one internal ip address. where is our hole? and how we can plug it?
many thanks in advance to the guru's
0
Comment
Question by:Info_user100
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 20

Accepted Solution

by:
What90 earned 250 total points
ID: 10779940
Those are NDR's and there inst't much you can do about it.

You can automatically reject emails the come to your domain which aren't addressed to real addresses on your Exchange server.

Follow this:
http://www.winnetmag.com/MicrosoftExchangeOutlook/Article/ArticleID/40756/40756.html
or
http://blogs.msdn.com/dlemson/archive/2003/10/17/52019.aspx


More info on NDR's:
http://support.microsoft.com/default.aspx?scid=kb;en-us;316617&Product=exch2003
0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question