?
Solved

Open relay?  Unauthorized outbound mail stuck in queues.

Posted on 2007-03-20
4
Medium Priority
?
489 Views
Last Modified: 2009-12-16
When I checked the outbound queues on our Exchange 6.5, there were 1500 outbound queues to various mail servers..... aaa.com, aaaa.com, aaaaa.com, etc.   The emails were definately not created by our organization, but list <community care> as the sendee.   The queues are all in "retry" states, and have been for several hours.   The protocols are all SMTP and the source is the Default SMTP virtual server.    

Checking the settings on our Default SMTP Virtual Server in Exchange, the relay restrictions list access only to our internal subnet ranges and "all computers which successfully authenticate".   We also have an IIS server with a smtp virtual server as well, and it has the same settings.    The only change we've made recently is to open the smtp server on the IIS to accept internal mail...i.e., from 192.168.25.x.  

Ideas?

---- update ----

We're now having emails refused, so it looks like we've been placed on a blacklist at spamcop.net.   The associated message on spamcop's site says, "DNS error: xx.xx.xx.xx is cdm-xx-xx-xx-xx.pars.cox-internet.com. but cdm-xx-xx-xx-xx.pars.cox-internet.com. has no DNS information" ... Is this related, and how do I resolve this?
0
Comment
Question by:itatahh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 16

Accepted Solution

by:
AdamRobinson earned 400 total points
ID: 18757105
See:

http://www.amset.info/exchange/smtp-relaysecure.asp
http://support.microsoft.com/kb/324958

After you get your problem taken care of, contact the Spamlists or RBLs and get yourself off them.
0
 
LVL 4

Assisted Solution

by:Michael Frederick
Michael Frederick earned 200 total points
ID: 18757447
Yes, you need to fix the relay issue first. The links that AdanRobinson has supplied you should work on that. Then I would go to MXtoolbox and check the status. They will give you the info you need to get removed from the blacklist. I am regestered with them on a on going (free) service. They monitor my server 24/7 and notify me of outage or possible blacklist activity.

http://www.mxtoolbox.com/

Cheers
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 400 total points
ID: 18760569
The error you have shown from the blacklists is a DNS issue, not the spam issue.

For the DNS issue, put your domain in to dnsreport.com and see what it flags. It looks like you may have mismatched or no reverse DNS, compared to the forward DNS and server banner. dnsreport.com will show you if that is the case.

For the messages in the queues, you probably need my spam cleanup article.
http://www.amset.info/exchange/spam-cleanup.asp

Simon.
0
 

Author Comment

by:itatahh
ID: 18800316
Thanks - you 3 both aided in the solution.

AdamRobinson - the mail server was indeed an open relay; got that fixed.
Tekwazoo - helpful links.
Sembee - our reverse DNS was pointing to our ISP, not our mail server....partially solved now - thanks for the pointer....but that opens some other questions that I'll post in another ticket.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
This article outlines some of the reasons why an email message gets flagged as spam on a recipient's end.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month14 days, 22 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question