?
Solved

w2k3 Server SMTP Q full of spam and I can not find which machine in office is sending Help

Posted on 2006-11-10
6
Medium Priority
?
194 Views
Last Modified: 2010-04-18
w2k3 Server SMTP Q full of spam and I can not find which machine in office is sending Help

I installed norton av corporate on server and all clients in the office yesterday.  Scans are not finding any viruses.  
0
Comment
Question by:jazzhands01
  • 2
  • 2
4 Comments
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 2000 total points
ID: 17917467
This is probably not spam per se but NDR's that cannot be sent because they are responding to spam messages that came in but were addressed to an email address that doesn't exist on your domain.  Your Exchange server is trying to send NDR's to these external addressses where the spam originated - and since these are also bogus addresses, the NDR's just sit there clogging up your queues and don't go anywhere.  If you look at the actual messages in the queues, you'll see that they are all from "postmaster" and are all NDR's.

There are only 2 ways to stop this:

1.  Turn off your NDR's completely.  This will prevent the NDR's from filling up your queues.  However, be aware that the system still generates the NDR's, it just doesn't send them.  So, even though it keeps the queues clear, it is still creating a burden on your Exchange system.

2.  Put an anti-spam solution in place that will stop the incoming spam before it gets to Exchange so that the NDR's don't get created in the first place.  You can either use the native Exchange 2003 anti-spam capabilities, get the Symantec Anti-Virus anti-spam solution (since you already have Symantec), or look at other 3rd party solutions.  We've used both Nemx and GFI Mail Essentials at various of our customer sites, but there are many others out there.

Hope this helps!
0
 

Author Comment

by:jazzhands01
ID: 17917614
Thanks!  How do I turn off the ndr's?

0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 17917662
In the Exchange System Manager, go to the Global Settings/Internet Message Format, right-click on the Default format, go to Properties, and go to the Advanced tab.  Remove the checkmark from the Allow non-delivery reports box.

You might want to make sure your users/management understand that this means that if someone outside the company legitimately mis-addresses an email to someone in your organization, they will no longer get a non-delivery report.

Cheers!
0
 

Author Comment

by:jazzhands01
ID: 18094287
All good.  Thanks.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
Integration Management Part 2

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question