Solved

Is there a way to test to see if 2003 Exchange is relaying?

Posted on 2006-07-21
6
212 Views
Last Modified: 2010-03-06
Hi all,  I really thought I had my server setup properly, but in the past week or so something has slowed it down.  I just recently installed Symantec's Anti-Spam product, but other than that I can't think of much that has changed.  

I am running 2003 Server with Exchange 2003.  We are small (less than 20 mailboxes), but just this week I started getting Symantec Email Proxy messages stating that "Your email message to skjeheb@anydomin.com with the subject of Deleivery Status Notification (Failure) was unable to send because the connection to your mail server was interrupted..."  Is this a good thing or a bad thing?

Well, we are not sending anything to this address.  THere are some outgoing messages sitting in the queue but not many.  I'm just wondering if something has somehow hijacked my email server and is forwarding messages.  I'm not sure how to check.

The server must be booted at least once a day or it runs at a snails pace.  It may not even have anything to do with mail, but this is the first place I am looking (besides checking for viruses).

Any help would be greatly apprecitated.  Thanks in advance
0
Comment
Question by:vbowman
6 Comments
 
LVL 32

Assisted Solution

by:r-k
r-k earned 175 total points
ID: 17158342
You can try some basic troubleshooting, such as running Task Manager (Ctrl-Shft-Esc) and see what might be taking up memory and cpu time.
Is the disk space running low? How much ram does the system have?

Re. open relay, you can try the method suggested by Sembee:

 http://www.amset.info/exchange/smtp-openrelay.asp

or submit your IP for testing at (e.g.) http://www.abuse.net/relay.html

Without seeing the complete message header it is hard to say, but those messages from Symantec may be normal spam.

To check whether Symantec might be bogging things down maybe you can disable it for a while.
0
 
LVL 8

Assisted Solution

by:jessmca
jessmca earned 175 total points
ID: 17158492
Usually this means your mail server traffic is getting hammered or impeded by software such as anti virus.  I wuold check what badnwidth you are pushing on the mail server.  If it is high traffic, try tightening port 25 access.  
The best exchange mail protection service is from an external company with lots of bandwidth.  You can then block port 25 from anywhere but their mx server ip addresses.

Personally, I wouldny have Norton software anywhere near a server.
Too many things cause it to malfuntion.
0
 

Author Comment

by:vbowman
ID: 17158533
I have plenty of hard disk space and the server has 2 gig of ram.  When I look at task manager it says the CPU usage is less than 30% and the PF usage is 1.85 GB. (Isn't that a bit high?)  I do have over 100 processes running.

And in regard to the message header, I do not see it either, all I am seeing are the popup boxes from Symantec.

k, off to check out your other suggestions.
0
 

Author Comment

by:vbowman
ID: 17163291
I following the first link above and made sure everything looked good.  The only exceptions I had was that I had on the "Only List below" two internal ip addresses in order for two other machines to access Pop3.  I took these out just for the heck of it to test.  But, everything else is set the same as suggested.

I ran NAV and it returned with no viruses.  I am stuck with Norton software, no way around that at the moment.

This may be a stupid question, but how do I check the bandwidth that the email server is using?  

Oh, one more thing, everthing goes through a Sonic Wall before it hits the network.  Today I disconnected the server and noticed that the traffic on the Sonic Wall (via the lights) did not decrease one bit.

Any other suggestions?
0
 
LVL 3

Accepted Solution

by:
prav007 earned 150 total points
ID: 17164097
Open up http://ordb.org
Enter your server's fully qualified domain name and check if your server is an open relay

Or else try the telnet commands given below

telnet localhost 25
EHLO
MAIL FROM:username@externaldomain.com
RCPT TO:username@someotherdomain.com

If you get an Unable to relay 550 then your server is not open for relay
If the server is accepting the recipient name then your server is surely open for relay

On the SMTP Virtual Server ----> Properties---> Access---> Relay---> Relay Restrictions--> Make sure that no ip addresses or subnets exist
Also make sure that the Allow only authenticated users to relay is selected

Even if you run the Exchange Best Practices Analyzer Tool available at www.exbpa.com it will also help you in identifying if the server is an open relay server


0

Featured Post

Wish Marketing would stop bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now