This is an SMTP protocol warning log for virtual server ID 1, connection #15
Hello
I am getting the following error in my Event Viewer:
This is an SMTP protocol warning log for virtual server ID 1, connection #15. The remote host "203.16.214.182", responded to the SMTP command "mail" with "453 #4.1.8 Domain of sender address <jramos@ranido.com> does not exist ". The full command sent was "MAIL FROM:<jramos@ranido.com> SIZE=5668 ". This may cause the connection to fail.
I picked this up when I received an email from my ISP saying that my mail server was sending excessive spam. I enabled logging on SMTP and received the above error message. It continually occurs at random intervals - at least once every 10 minutes or so. I believe it is spam as I do not recognize the Mail From address. I have blocked the domain in ISA using the SMTP filter but I still get the message showing up in event viewer.
SMTP relay is disabled on my server.
Please advise me as to what should be my next step in:
1- making sure my server isnt being used to send spam
2- stopping the error from showing up in my event viewer
Regards
Gavin McMillan
I am getting the following error in my Event Viewer:
This is an SMTP protocol warning log for virtual server ID 1, connection #15. The remote host "203.16.214.182", responded to the SMTP command "mail" with "453 #4.1.8 Domain of sender address <jramos@ranido.com> does not exist ". The full command sent was "MAIL FROM:<jramos@ranido.com> SIZE=5668 ". This may cause the connection to fail.
I picked this up when I received an email from my ISP saying that my mail server was sending excessive spam. I enabled logging on SMTP and received the above error message. It continually occurs at random intervals - at least once every 10 minutes or so. I believe it is spam as I do not recognize the Mail From address. I have blocked the domain in ISA using the SMTP filter but I still get the message showing up in event viewer.
SMTP relay is disabled on my server.
Please advise me as to what should be my next step in:
1- making sure my server isnt being used to send spam
2- stopping the error from showing up in my event viewer
Regards
Gavin McMillan
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi, thanks again for the answer, figured id leave feadback!
Was really happy with the structure of your answer... addressed the question, explained it clearly and gave a good solution.
Regards
Gavin
Was really happy with the structure of your answer... addressed the question, explained it clearly and gave a good solution.
Regards
Gavin
Trend CSM filters spam that directs to valid users. What you would need is something that can filter the recipient on the message against a list of internal email addresses.
Good luck!
Good luck!
ASKER
Thanks for your comment, I will disable NDR and see how that all goes. I added the domain to the blocked list in ISA SMTP Filter and havent had any issues at this point, will keep an eye on it though.
Also curious, at present I have Trend Micro Client Server Messaging suite for SMB as my antivirus/spam etc solution, it hasnt seemed to have picked this up, would you consider that a hardware solution may be better than Software?
I will award you the points as you have explained what the issue was and how to fix it!
Regards
Gavin McMillan