Solved

Is there a way to test to see if 2003 Exchange is relaying?

Posted on 2006-07-21
6
217 Views
Last Modified: 2010-03-06
Hi all,  I really thought I had my server setup properly, but in the past week or so something has slowed it down.  I just recently installed Symantec's Anti-Spam product, but other than that I can't think of much that has changed.  

I am running 2003 Server with Exchange 2003.  We are small (less than 20 mailboxes), but just this week I started getting Symantec Email Proxy messages stating that "Your email message to skjeheb@anydomin.com with the subject of Deleivery Status Notification (Failure) was unable to send because the connection to your mail server was interrupted..."  Is this a good thing or a bad thing?

Well, we are not sending anything to this address.  THere are some outgoing messages sitting in the queue but not many.  I'm just wondering if something has somehow hijacked my email server and is forwarding messages.  I'm not sure how to check.

The server must be booted at least once a day or it runs at a snails pace.  It may not even have anything to do with mail, but this is the first place I am looking (besides checking for viruses).

Any help would be greatly apprecitated.  Thanks in advance
0
Comment
Question by:vbowman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 32

Assisted Solution

by:r-k
r-k earned 175 total points
ID: 17158342
You can try some basic troubleshooting, such as running Task Manager (Ctrl-Shft-Esc) and see what might be taking up memory and cpu time.
Is the disk space running low? How much ram does the system have?

Re. open relay, you can try the method suggested by Sembee:

 http://www.amset.info/exchange/smtp-openrelay.asp

or submit your IP for testing at (e.g.) http://www.abuse.net/relay.html

Without seeing the complete message header it is hard to say, but those messages from Symantec may be normal spam.

To check whether Symantec might be bogging things down maybe you can disable it for a while.
0
 
LVL 8

Assisted Solution

by:jessmca
jessmca earned 175 total points
ID: 17158492
Usually this means your mail server traffic is getting hammered or impeded by software such as anti virus.  I wuold check what badnwidth you are pushing on the mail server.  If it is high traffic, try tightening port 25 access.  
The best exchange mail protection service is from an external company with lots of bandwidth.  You can then block port 25 from anywhere but their mx server ip addresses.

Personally, I wouldny have Norton software anywhere near a server.
Too many things cause it to malfuntion.
0
 

Author Comment

by:vbowman
ID: 17158533
I have plenty of hard disk space and the server has 2 gig of ram.  When I look at task manager it says the CPU usage is less than 30% and the PF usage is 1.85 GB. (Isn't that a bit high?)  I do have over 100 processes running.

And in regard to the message header, I do not see it either, all I am seeing are the popup boxes from Symantec.

k, off to check out your other suggestions.
0
 

Author Comment

by:vbowman
ID: 17163291
I following the first link above and made sure everything looked good.  The only exceptions I had was that I had on the "Only List below" two internal ip addresses in order for two other machines to access Pop3.  I took these out just for the heck of it to test.  But, everything else is set the same as suggested.

I ran NAV and it returned with no viruses.  I am stuck with Norton software, no way around that at the moment.

This may be a stupid question, but how do I check the bandwidth that the email server is using?  

Oh, one more thing, everthing goes through a Sonic Wall before it hits the network.  Today I disconnected the server and noticed that the traffic on the Sonic Wall (via the lights) did not decrease one bit.

Any other suggestions?
0
 
LVL 3

Accepted Solution

by:
prav007 earned 150 total points
ID: 17164097
Open up http://ordb.org
Enter your server's fully qualified domain name and check if your server is an open relay

Or else try the telnet commands given below

telnet localhost 25
EHLO
MAIL FROM:username@externaldomain.com
RCPT TO:username@someotherdomain.com

If you get an Unable to relay 550 then your server is not open for relay
If the server is accepting the recipient name then your server is surely open for relay

On the SMTP Virtual Server ----> Properties---> Access---> Relay---> Relay Restrictions--> Make sure that no ip addresses or subnets exist
Also make sure that the Allow only authenticated users to relay is selected

Even if you run the Exchange Best Practices Analyzer Tool available at www.exbpa.com it will also help you in identifying if the server is an open relay server


0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question