Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange 5.5 possible email relay

Posted on 2006-07-04
4
Medium Priority
?
198 Views
Last Modified: 2010-03-06
We are running exchange 5.5 and over the last few weeks I have received a number of administrator outbound mail failures (administratot received all failure messages) here is a sample of the failure:

A mail message was not sent due to a protocol error.

      554 delivery error: dd This user doesn't have a yahoo.com.tw account (njaw@yahoo.com.tw) [-5] - mta186.mail.tpe.yahoo.com The message that caused this notification was:


      To:       <njaw@yahoo.com.tw>; <shenchen@mail.xt.hn.cn>; <shenchen@mail.zsptt.zj.cn>; <wengnzw@email.com.cn>; <huchu2008@sina.com>; <alek@sina.com>
      From:     <C277I397z@My Mail Server Ip>
      Subject:  


I quickly realized that my server was sending mail out at a significant rate as I was receiving about 1000 outbound failures a day.  I have tested for open relay at abuse.net and we pass.  Currently we have all incoming mail send to a spam firewall which forwards mail to the exchange server, so I have it setup to only recieve mail from that one IP address.  I ran a virus scan and spyware scan but no luck.  Any other places I can look?
0
Comment
Question by:Bekster
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 

Author Comment

by:Bekster
ID: 17036867
I have the routing restrictions set for only "hosts and clients that successfully authenticate" Is it possible that a machine on our lan, who is permitted to send mail, has some type of virus/mail spamming agent running and sending out messages?
0
 
LVL 9

Accepted Solution

by:
Exchgen earned 2000 total points
ID: 17038426
You may still be open for relay..

Please do not rely on exchange 5.5 capability to stop spam.... it just cant do it..

Try and look on the firewall / spamfilter to cut this spam...

if you have added the IP of the firewall anywhere in IMC it would be wise to remove it... just have the default domain added under inbound routes in IMC and nothing else.

Raghu
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question