Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

Troubleshooting
Research
Professional Opinions
Ask a Question
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

troubleshooting Question

Exchange 2003 with symantec Premium antyspam cannot hold a lot of spam attack...

Avatar of DObolonsky
DObolonsky asked on
Exchange
12 Comments1 Solution540 ViewsLast Modified:
Hi everyone,
I have a client with exchange 2003 running with Symantec Premium antyspam service. I've go trough forum to find solution to prevent a lot of spam to the users.
The axual problem is on the client web site all mails has been public, I've sow the source page it was like mailto: user@domain.com
Now this issue already fix with email address encription, but a lot of spam still go trough. Sometimes I have an issues with inbound and outbound email traffic, till I restart symantec services.
Now current protection is:
symantec Premium antyspam:
If message is spam: prevent delivery to the recipient
on exchange side  I add intelligent message filtering
and set up Exchange manager-server-Diagnostic Logging-MSExchange Transport-SMTP protocol- Maximum.
after that I've got a lot of messages on event viewer: event 7002
This is an SMTP protocol warning log for virtual server ID <value> connection #<value>. The remote host "<IP address>" responded to the SMTP command "<command>" with "<response>". The full command sent was "<full command>". This may cause the connection to fail.

One user who connected to exchange with pop3 cannot send emails, message send back:
  'recipient' on 12/5/2006 12:11 AM
            550 5.7.1 Unable to relay for user@gmail.com


second question I have about 50% incoming emails with address to the user who doesnt exist  for example:
hkjlhlhjx@domain.com
ggkjiejo@domain.com
I understand that too late to prevent but how to fix?
 A lot of messages in the Queues:
retry from:
postmaster@domain.com
Subject: Delivery status Nothification (Failure)


Current exchange settings:
SMTP: mapped to internal IP address of the server
Accsess: all exept listed below
Authentication:
anonymus accsess and integraten windows Authentication
Relay:
granted to ip range *.*.1.0 (main office) *.*.2.0 (branch office) too offices connected wit pix 506e Point-to-point vpn tonnel.
I've tested email server with www.mxtoolbox
result:
mail.domain.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830 ready at Mon, 4 Dec 2006 23:54:03 -0800 [47 ms]
Connect Time:       0.062 seconds - Good
Transaction Time:       0.375 seconds - Good
Relay Check:       OK - This server is not an open relay.
Rev DNS Check:       OK - *.*.*.* resolves to mail.domain.com
GeoCode Info:       Geocoding server is unavailable
Session Transcript:       
HELO mxtoolbox.com - DIAGNOSTIC TEST - See http://www.mxtoolbox.com/Policy.aspx
501 5.5.4 Invalid Address [47 ms]
HELO mxtoolbox.com
250 mail.domain.com Hello [64.20.227.131] [78 ms]
MAIL FROM: <test@mxtoolbox.com>
250 2.1.0 test@mxtoolbox.com....Sender OK [47 ms]
RCPT TO: <test@mxtoolbox.com>
550 5.7.1 Unable to relay for test@mxtoolbox.com [47 ms]
QUIT
221 2.0.0 mail.domain.com Service closing transmission channel [47 ms]

I'm complitely lost with settings with advices to prevent spam.
It will be very kind of you guys to help with advice.
If you need additional information about configuration. It will be posted here.
Thank you in advance
Dmytry