asked on

Exchange 2003 IMF strips 2K to 4K messages a day...Is there something wrong with the configuration?

Don't get me wrong....I love the fact that IMF is working (even though it took a little tweaking with the SCLs to get it optimal). However, I find it difficult to beleive that for an 80-user company we are getting that much junkmail. Much of the "sent to" addresses are either old accounts that were deleted some time ago, or accounts that we never had. Is there something that I am missing in the configuration? Could our server be replying to senders in some way propogating more UCE, or is it really normal to get this ammount?

Environment: Windows 2003 SP1 with Exchange 2003 SP2 over it, fully patched. No front end server configuration, single Exchange server.

In ESM: Message Delivery Options- Recipient Filtering is not selected; Sender ID Filtering Accept (default); Connection Filtering not configured (default) but some addresses have been allowed to global allowed list. Virtual SMTP server- Apply IMF, apply Sender Filter, apply Connection Filter.

Maybe I should just be happy that it's working, but I have to go through all the UCE every couple of days to make sure it's really junk.

Thanks!

ASKER CERTIFIED SOLUTION

Sembee

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

jefferybush

ASKER

Thanks Simon. I have enable recipient and the tarptitting feature, we'll see how it goes. Will all messages sent to invalid addresses get an NDR and help the spammer with harvesting tho? Or will the 5 second delay in SMPT responses fix that?

Jeff

Sembee

Tar pit deals with the directory harvesting. It slows down the spammer so that it becomes uneconomic to attack your system.
Think how long five seconds is, and then think how many responses a spammer COULD get in that time.

Simon.

jefferybush

ASKER

Thanks again!