itatahh
asked on
Open relay? Unauthorized outbound mail stuck in queues.
When I checked the outbound queues on our Exchange 6.5, there were 1500 outbound queues to various mail servers..... aaa.com, aaaa.com, aaaaa.com, etc. The emails were definately not created by our organization, but list <community care> as the sendee. The queues are all in "retry" states, and have been for several hours. The protocols are all SMTP and the source is the Default SMTP virtual server.
Checking the settings on our Default SMTP Virtual Server in Exchange, the relay restrictions list access only to our internal subnet ranges and "all computers which successfully authenticate". We also have an IIS server with a smtp virtual server as well, and it has the same settings. The only change we've made recently is to open the smtp server on the IIS to accept internal mail...i.e., from 192.168.25.x.
Ideas?
---- update ----
We're now having emails refused, so it looks like we've been placed on a blacklist at spamcop.net. The associated message on spamcop's site says, "DNS error: xx.xx.xx.xx is cdm-xx-xx-xx-xx.pars.cox-i
Checking the settings on our Default SMTP Virtual Server in Exchange, the relay restrictions list access only to our internal subnet ranges and "all computers which successfully authenticate". We also have an IIS server with a smtp virtual server as well, and it has the same settings. The only change we've made recently is to open the smtp server on the IIS to accept internal mail...i.e., from 192.168.25.x.
Ideas?
---- update ----
We're now having emails refused, so it looks like we've been placed on a blacklist at spamcop.net. The associated message on spamcop's site says, "DNS error: xx.xx.xx.xx is cdm-xx-xx-xx-xx.pars.cox-i
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
AdamRobinson - the mail server was indeed an open relay; got that fixed.
Tekwazoo - helpful links.
Sembee - our reverse DNS was pointing to our ISP, not our mail server....partially solved now - thanks for the pointer....but that opens some other questions that I'll post in another ticket.