?
Solved

Is there a way to test to see if 2003 Exchange is relaying?

Posted on 2006-07-21
6
Medium Priority
?
222 Views
Last Modified: 2010-03-06
Hi all,  I really thought I had my server setup properly, but in the past week or so something has slowed it down.  I just recently installed Symantec's Anti-Spam product, but other than that I can't think of much that has changed.  

I am running 2003 Server with Exchange 2003.  We are small (less than 20 mailboxes), but just this week I started getting Symantec Email Proxy messages stating that "Your email message to skjeheb@anydomin.com with the subject of Deleivery Status Notification (Failure) was unable to send because the connection to your mail server was interrupted..."  Is this a good thing or a bad thing?

Well, we are not sending anything to this address.  THere are some outgoing messages sitting in the queue but not many.  I'm just wondering if something has somehow hijacked my email server and is forwarding messages.  I'm not sure how to check.

The server must be booted at least once a day or it runs at a snails pace.  It may not even have anything to do with mail, but this is the first place I am looking (besides checking for viruses).

Any help would be greatly apprecitated.  Thanks in advance
0
Comment
Question by:vbowman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 32

Assisted Solution

by:r-k
r-k earned 700 total points
ID: 17158342
You can try some basic troubleshooting, such as running Task Manager (Ctrl-Shft-Esc) and see what might be taking up memory and cpu time.
Is the disk space running low? How much ram does the system have?

Re. open relay, you can try the method suggested by Sembee:

 http://www.amset.info/exchange/smtp-openrelay.asp

or submit your IP for testing at (e.g.) http://www.abuse.net/relay.html

Without seeing the complete message header it is hard to say, but those messages from Symantec may be normal spam.

To check whether Symantec might be bogging things down maybe you can disable it for a while.
0
 
LVL 8

Assisted Solution

by:jessmca
jessmca earned 700 total points
ID: 17158492
Usually this means your mail server traffic is getting hammered or impeded by software such as anti virus.  I wuold check what badnwidth you are pushing on the mail server.  If it is high traffic, try tightening port 25 access.  
The best exchange mail protection service is from an external company with lots of bandwidth.  You can then block port 25 from anywhere but their mx server ip addresses.

Personally, I wouldny have Norton software anywhere near a server.
Too many things cause it to malfuntion.
0
 

Author Comment

by:vbowman
ID: 17158533
I have plenty of hard disk space and the server has 2 gig of ram.  When I look at task manager it says the CPU usage is less than 30% and the PF usage is 1.85 GB. (Isn't that a bit high?)  I do have over 100 processes running.

And in regard to the message header, I do not see it either, all I am seeing are the popup boxes from Symantec.

k, off to check out your other suggestions.
0
 

Author Comment

by:vbowman
ID: 17163291
I following the first link above and made sure everything looked good.  The only exceptions I had was that I had on the "Only List below" two internal ip addresses in order for two other machines to access Pop3.  I took these out just for the heck of it to test.  But, everything else is set the same as suggested.

I ran NAV and it returned with no viruses.  I am stuck with Norton software, no way around that at the moment.

This may be a stupid question, but how do I check the bandwidth that the email server is using?  

Oh, one more thing, everthing goes through a Sonic Wall before it hits the network.  Today I disconnected the server and noticed that the traffic on the Sonic Wall (via the lights) did not decrease one bit.

Any other suggestions?
0
 
LVL 3

Accepted Solution

by:
prav007 earned 600 total points
ID: 17164097
Open up http://ordb.org
Enter your server's fully qualified domain name and check if your server is an open relay

Or else try the telnet commands given below

telnet localhost 25
EHLO
MAIL FROM:username@externaldomain.com
RCPT TO:username@someotherdomain.com

If you get an Unable to relay 550 then your server is not open for relay
If the server is accepting the recipient name then your server is surely open for relay

On the SMTP Virtual Server ----> Properties---> Access---> Relay---> Relay Restrictions--> Make sure that no ip addresses or subnets exist
Also make sure that the Allow only authenticated users to relay is selected

Even if you run the Exchange Best Practices Analyzer Tool available at www.exbpa.com it will also help you in identifying if the server is an open relay server


0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In-place Upgrading Dirsync to Azure AD Connect
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question