[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

w2k3 Server SMTP Q full of spam and I can not find which machine in office is sending Help

Posted on 2006-11-10
6
Medium Priority
?
192 Views
Last Modified: 2010-04-18
w2k3 Server SMTP Q full of spam and I can not find which machine in office is sending Help

I installed norton av corporate on server and all clients in the office yesterday.  Scans are not finding any viruses.  
0
Comment
Question by:jazzhands01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
6 Comments
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 2000 total points
ID: 17917467
This is probably not spam per se but NDR's that cannot be sent because they are responding to spam messages that came in but were addressed to an email address that doesn't exist on your domain.  Your Exchange server is trying to send NDR's to these external addressses where the spam originated - and since these are also bogus addresses, the NDR's just sit there clogging up your queues and don't go anywhere.  If you look at the actual messages in the queues, you'll see that they are all from "postmaster" and are all NDR's.

There are only 2 ways to stop this:

1.  Turn off your NDR's completely.  This will prevent the NDR's from filling up your queues.  However, be aware that the system still generates the NDR's, it just doesn't send them.  So, even though it keeps the queues clear, it is still creating a burden on your Exchange system.

2.  Put an anti-spam solution in place that will stop the incoming spam before it gets to Exchange so that the NDR's don't get created in the first place.  You can either use the native Exchange 2003 anti-spam capabilities, get the Symantec Anti-Virus anti-spam solution (since you already have Symantec), or look at other 3rd party solutions.  We've used both Nemx and GFI Mail Essentials at various of our customer sites, but there are many others out there.

Hope this helps!
0
 

Author Comment

by:jazzhands01
ID: 17917614
Thanks!  How do I turn off the ndr's?

0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 17917662
In the Exchange System Manager, go to the Global Settings/Internet Message Format, right-click on the Default format, go to Properties, and go to the Advanced tab.  Remove the checkmark from the Allow non-delivery reports box.

You might want to make sure your users/management understand that this means that if someone outside the company legitimately mis-addresses an email to someone in your organization, they will no longer get a non-delivery report.

Cheers!
0
 

Author Comment

by:jazzhands01
ID: 18094287
All good.  Thanks.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Learn about cloud computing and its benefits for small business owners.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question