Tracking down Queued email

Hi, I have been having issues with out ISPs email gateway being blacklisted and have opted to 'Use DNS to route each address space on this connector" on the default SMTP connector.
When I use this option the outbound queues backup with garbage and I have to use AQADMCLI to flush them. I fear these will cause a blacklisting against my IP address.
I am firewalled and don't thing they originate outside, so that leaves inside PCs acting as bots?
How can I use Exchange or other tools to determine where these messages originate?
TIA
MM
OpenallnightAsked:
Who is Participating?
 
SembeeConnect With a Mentor Commented:
Recipient filtering is the way to deal with emails to non existent users being bounced back. http://www.amset.info/exchange/filter-unknown.asp 

Relay available to your subnet - I don't advise that at all. It is too easy to turn the server in to an open relay. For example some firewalls when they NAT the traffic can make SMTP traffic appear to be coming from the internal IP address rather than a public gateway. You don't need relaying enabled at all if all clients are Outlook connected to Exchange (ie no POP3/IMAP/SMTP users).

Simon.
0
 
SLafferty1983Commented:
If you look at the messages in the queue are they from postmaster@yourdomain.com? If they are then you will need to setup recipient filtering. See this article for more information. http://technet.microsoft.com/en-us/library/aa997261.aspx
0
 
SembeeCommented:
You need to work out what is actually happening here. If you were using a smart host then you wouldn't see the signs of the server being abused.
You need to check whether it is an open relay, authenticated user, NDR spam etc.

If you look at the messages, what are they? Are they legitimate? Are they from postmaster@

Simon.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
OpenallnightAuthor Commented:
Hi, I am not using a smarthost gateway as they are a slack cable company and often blacklisted.
I believe this is all NDR stuff from postmaster@mydomainhere.com to nonexistant users @ mydomain.com.
I have checked with relat test pro and all lokes closed. Online relay checks yeild mixed results.
My Authentication is set to Anonymous (if not I get no email), Basic Auth and the domain name is listed.
Relay is set to my subnet granted and allow "all computers which sucessfully authenticate"

SLafferty1983: I dont believe recipient filtering is a solution as there is no way to build an accepted list and a rejected list would become an endless labour?
0
 
SLafferty1983Connect With a Mentor Commented:
Recipient filtering filters out mail that is sent to someone in your domain that does not exist. It will prevent the postmaster messages from filling your queues.
0
 
OpenallnightAuthor Commented:
Thanks!  I have removed relaying and completed an incomplete filtering setup. I now have a greater understanding of Exchange
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.