Solved

Exchange 5.5 possible email relay

Posted on 2006-07-04
4
195 Views
Last Modified: 2010-03-06
We are running exchange 5.5 and over the last few weeks I have received a number of administrator outbound mail failures (administratot received all failure messages) here is a sample of the failure:

A mail message was not sent due to a protocol error.

      554 delivery error: dd This user doesn't have a yahoo.com.tw account (njaw@yahoo.com.tw) [-5] - mta186.mail.tpe.yahoo.com The message that caused this notification was:


      To:       <njaw@yahoo.com.tw>; <shenchen@mail.xt.hn.cn>; <shenchen@mail.zsptt.zj.cn>; <wengnzw@email.com.cn>; <huchu2008@sina.com>; <alek@sina.com>
      From:     <C277I397z@My Mail Server Ip>
      Subject:  


I quickly realized that my server was sending mail out at a significant rate as I was receiving about 1000 outbound failures a day.  I have tested for open relay at abuse.net and we pass.  Currently we have all incoming mail send to a spam firewall which forwards mail to the exchange server, so I have it setup to only recieve mail from that one IP address.  I ran a virus scan and spyware scan but no luck.  Any other places I can look?
0
Comment
Question by:Bekster
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 

Author Comment

by:Bekster
ID: 17036867
I have the routing restrictions set for only "hosts and clients that successfully authenticate" Is it possible that a machine on our lan, who is permitted to send mail, has some type of virus/mail spamming agent running and sending out messages?
0
 
LVL 9

Accepted Solution

by:
Exchgen earned 500 total points
ID: 17038426
You may still be open for relay..

Please do not rely on exchange 5.5 capability to stop spam.... it just cant do it..

Try and look on the firewall / spamfilter to cut this spam...

if you have added the IP of the firewall anywhere in IMC it would be wise to remove it... just have the default domain added under inbound routes in IMC and nothing else.

Raghu
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question