Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

EXCHANGE SMTP QUEUE SHOWS EMAILS FROM A SENDER NOT FROM OUR DOMAIN

Posted on 2008-06-21
11
Medium Priority
?
685 Views
Last Modified: 2008-09-17
We have a SBS 2003 server with Microsoft exchange 2003 mail server.

Recently we have seen that the SMTP queue in the exchange system manager shows up 100's of emails
in the queue . When I opened up some of the email properties to see the sender address, it shows up some
other email id, which is not from our domain.   Looks like some 3rd party email id.


1)  Is someone trying to send emails from our mail server ?

2)  Our exchange server is not set to relay.

Any suggestions as how this can be controlled or is it something which is not to be worried about ?


Thanks
0
Comment
Question by:OCUBE
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +2
11 Comments
 

Expert Comment

by:PerfectPCFix
ID: 21839737
What kind of security do you have in place? Trend Micro, Bit Defender,/ Ect...??? How many users do you have? Are you using your own mail server or are your MX records ect outsourced? POP 3??? What is the content of these emails???
0
 

Author Comment

by:OCUBE
ID: 21839749


1) we have snapgear sg580 firewall on the gateway
2) we have symantec mail security on the exchange server
3) Mx records are set in our domain registrar login pointing our internal ms exchange server IP adress
0
 
LVL 1

Expert Comment

by:sgerling
ID: 21839848
Use an open relay tester such as:
http://www.spamhelp.org/shopenrelay/

You did indicate your server is configured not to relay messages, but it would still be a good idea to test it.  There could be a setting that is incorrect.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 25

Expert Comment

by:kieran_b
ID: 21839928
By default, authenticated relaying is enabled - it could be that someone has guessed your administrator password
0
 

Accepted Solution

by:
PerfectPCFix earned 672 total points
ID: 21841053
Sounds more like you are being targeted by a spammer. What domain are they from? Variouse ones? I would look into a spam filter. There are some for SBS and some 3rd party you can rout your incomming mail through. Trend Micro has one and there is one at www.no-ip.com. There are many others too.
0
 

Expert Comment

by:Fmatias
ID: 21867766
Are those regular emails or NDR?
0
 

Author Comment

by:OCUBE
ID: 22103040
These emails comes in hundreds some times and thousands some times and sits in queue.
They are from different sources and different domains and most of them TO: address will be NONE
I had found the following words on those emails :

Delivery to the following recipients failed
THIS IS A WARNING MESSAGE ONLY
EPPICard - support@yahoo.com
Delivery Status Notification (Failure)
and so on..

I had checked and found my domain is looks good with the tools for mx and other records.
No open relay enabled on mail server

Any good thought to over come these issues?
0
 

Assisted Solution

by:Fmatias
Fmatias earned 664 total points
ID: 22103255
Well see if this helps http://support.microsoft.com/kb/886208

I had a problem like that a while back because someone messed up in setting up an Exchange box. I had like 70.000 NDR and the server just freezed.
0
 
LVL 25

Assisted Solution

by:kieran_b
kieran_b earned 664 total points
ID: 22106872
If the TO address is none, it means you are bouncing attempted spam - you are causing NDR spam.

You need to enable recipient filtering and tarpitting -> http://www.amset.info/exchange/filter-unknown.asp

Then, to clear the queues, you need to follow this -> http://www.amset.info/exchange/spam-cleanup.asp

Kieran
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Know the reasons and solutions to move/import EDB to New Exchange Server. Also, find out how to recover an Exchange .edb file and to restore the file back.
On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question