ISA Server 2004 NDR attack on SMTP Virtual Server Need Help

We are currently using ISA 2004 as a proxy and a firewall as our entry point to the outside.  We are running an SMTP virtual server on this ISA box which passes email through to our Exchange 2K3 email server.  We were experiencing NDR attacks on the Exchange server (filling up queues with postmaster NDR messages) so I enabled recipient filtering to filter messages sent to recipients that weren't in the directory.  This cleaned up the overloaded queues on the Exchange server.  However, I have recently noticed that there is a Queue folder in the ISA 2K4 server (inetpub\mailroot) that is also filling up with NDR messages which are being sent from postmaster@isaserver.domain.com.  It appears that this virtual smtp server on the ISA box is under NDR attack as well, however there is not an option in ISA to filter recipients not in the directory.  I also discovered that the Badmail folder on ISA (inetpub\mailroot) got overloaded with over 1 million messages and caused the server to stop working.  I setup a task that runs a script to emtpy that badmail folder to keep this from happening again.  The badmail folder on our Exchange 2K3 server was empty, but the badmail folder on our ISA box was way overloaded.  What should I do to stop the NDR queue buildup on ISA?  Also, I am not 100% sure that I even need to have this virtual SMTP server setup in ISA to pass email to Exchange.  Do I?  Is there another way that ISA needs to be configured to pass outside email to our Exchange box?  Thanks in advance for the help.
shockeyAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Keith AlabasterConnect With a Mentor Enterprise ArchitectCommented:
Couple of things here. Fiest is to make sure you have all of the ISA/Windows service packs installed.

You do not need an smtp service on isa; personally I will not even install IIS on the ISA box as again, it is not necessary. on the ISA, just run the mail publishing wizard for smtp abd give the internal IP (Never the name) of the Exchange server or gateway you want mail traffic passed to.

For outgoing, on the Exchange server SMTP connector either set an external device as the smarthost or let DNS do the delivering for you.

Regards

Keith
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.