Solved

exchange server 2000 win 2000 sbs server ; mail relay/sessions unwanted issue

Posted on 2007-04-05
2
220 Views
Last Modified: 2010-03-06
i know this is here several times, ive read thru them existing fixes, however im still having the issue.

hi, i have an exchange 2000 server with the latest patches, sp3, and the rollup since sp3.
on a win 200 sbs server with sp4, and all the latest.

in the esm, i goto the protocols, and to the virtual smtp server, and i see many, many email listed there  to wherever, and i always see a list of names/ip addresses in the 'current sessions', i terminate all sessions. however ive already, locked down the relay on the virutal smtp server , relays, i stopped the ndr delivery, changed the admin password, and the 1 user password.
as soon as i start the virtual server, someone connects a session.
i cannot seem to delete all the queue mail, just turns red icon, but not deleted.
ideas from here

fyi, i use an outbound smart host for smtp mail, but thats got a 1500 day limit, and ive hit that today!.
what changed recently is that i had to r=do a complete reinstall of the sbs/exchange server yesterday.

uder the relay section ive got 'only the list' [no entries in the window] and 'allow authenticated users' bot hchecked off.
however under access control, i HAD the 'anonymous access' checked off [that was by default], i unchecked it to see if thats it possibly,
im going to add a range if ip addresses to the allowed list to see if that helps at all.

but i need ideas, thanks
m
0
Comment
Question by:MarcHelfand
2 Comments
 
LVL 15

Accepted Solution

by:
czcdct earned 125 total points
ID: 18863846
Now, it depends a bit here. Are you using the SBS POP3 connector? If you are then you are probably ok to leave the Anonymous access off since the SBS POP3 connector doesn't work the way most connectors do (which is why many people leave it well alone). If the anonymous is off nobody on the Internet will be able to get email to you. In any case, if you are using the POP3 connector or any type you shouldn't need TCP 25 permitted on the firewall anyway.

So, the issue is the sessions. I'd be making sure from where the connections are coming. If they're internal then it means you've got either POP/SMTP users inside the network or there's a virus/trojan problem.

Once you've checked what's going on with the anonymous access you can post back and describe what happened. Then you can tell us whether those sessions are internal or what.
0
 

Author Comment

by:MarcHelfand
ID: 18869374
i ended up reinstalling the exchange server fresh, and relinking the .edb store.
thanks
m
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now