Link to home
Create AccountLog in
Avatar of kedrigern38
kedrigern38Flag for United States of America

asked on

Small Buisiness Server 2003 Critical Errors in Application Log

We are running Small Business Server 2003 with Exchange. I am getting the following message (or a variant of this message with different remote host IPs and email addresses) every day.

This is an SMTP protocol error log for virtual server ID 1, connection #245. The remote host "12.51.212.222", responded to the SMTP command "rcpt" with "550 #5.1.0 Address rejected turbulent@cafepress.com ". The full command sent was "RCPT TO:<turbulent@cafepress.com> ". This will probably cause the connection to fail. For more information, click http://www.microsoft.com/contentredirect.asp.

I've checked the SMTP settings in Exchange and they are set to the suggested values in KB324958. I even went so far as to delete the server IP and 127.0.01 from the relay dialog. I've also delete the message in the queu, but still receive this error. It look like our server is being used as a spam mail relay.

What do I need to do to stop this?
queues.bmp
Avatar of MichaelVH
MichaelVH
Flag of Belgium image

Hi,

it might be a stupid question but: do you really need all those different SMTP-connectors?
If you forward your emails through the internet, you can easily use only 1 connector...

Michael
Have you installed a firewall between your SBS and the internet? If so - are you allowing inbound traffic on port 25?
Avatar of kedrigern38

ASKER

MichaelVH

I've deleted the messages on the connectors, SBS removes the connectors and then more appear. This is the latest screen shot.

The messages are from postmaster@ourdomain.com. I've never sent these messages.

We do have a hardware firewall between the server and the internet. Port 25 is forwarded to the server. It was my understanding that this port needed to be forwarded for SBS Remote Web Workspace to function properly.
Hi,

port 25 is used for SMTP traffic, so I would find it hard to believe that RWW uses it for communications.
Do you receive mail directly to your server?

Michael
Yes. We host our own email server using Exchange.
What happens if you run the CEICW again?
I deleted the messages, ran the CEICW, and received the same results. I have SMTP connectors popping up.

Here's a screen shot of the event viewer error.
Event-Viewer.bmp
Is there anyone with a suggestion about how to remedy this situation?

The connectors are building up again in Exchange system manager.
I've increased the point value to try and get a solution to this problem. I checked the Exchange server this morning, and there are many SMTP connectors with email addresses I have never seen and would not send email to.

Any suggestions?
ASKER CERTIFIED SOLUTION
Avatar of kedrigern38
kedrigern38
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account