Solved

Exchange 5.5 possible email relay

Posted on 2006-07-04
4
191 Views
Last Modified: 2010-03-06
We are running exchange 5.5 and over the last few weeks I have received a number of administrator outbound mail failures (administratot received all failure messages) here is a sample of the failure:

A mail message was not sent due to a protocol error.

      554 delivery error: dd This user doesn't have a yahoo.com.tw account (njaw@yahoo.com.tw) [-5] - mta186.mail.tpe.yahoo.com The message that caused this notification was:


      To:       <njaw@yahoo.com.tw>; <shenchen@mail.xt.hn.cn>; <shenchen@mail.zsptt.zj.cn>; <wengnzw@email.com.cn>; <huchu2008@sina.com>; <alek@sina.com>
      From:     <C277I397z@My Mail Server Ip>
      Subject:  


I quickly realized that my server was sending mail out at a significant rate as I was receiving about 1000 outbound failures a day.  I have tested for open relay at abuse.net and we pass.  Currently we have all incoming mail send to a spam firewall which forwards mail to the exchange server, so I have it setup to only recieve mail from that one IP address.  I ran a virus scan and spyware scan but no luck.  Any other places I can look?
0
Comment
Question by:Bekster
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 

Author Comment

by:Bekster
ID: 17036867
I have the routing restrictions set for only "hosts and clients that successfully authenticate" Is it possible that a machine on our lan, who is permitted to send mail, has some type of virus/mail spamming agent running and sending out messages?
0
 
LVL 9

Accepted Solution

by:
Exchgen earned 500 total points
ID: 17038426
You may still be open for relay..

Please do not rely on exchange 5.5 capability to stop spam.... it just cant do it..

Try and look on the firewall / spamfilter to cut this spam...

if you have added the IP of the firewall anywhere in IMC it would be wise to remove it... just have the default domain added under inbound routes in IMC and nothing else.

Raghu
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
EXCH2013 reports 4 41
Exchnage 2013 Database - Dirty Shutdown 4 101
Exchange 2010 CAS array Load Balancing. 7 59
Graceful Shutdown of MXS 2013 DAG during power outage. 9 29
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question