?
Solved

Exchange Open Relay - Suspect Client

Posted on 2008-10-31
4
Medium Priority
?
394 Views
Last Modified: 2008-11-12
Hi all,
We have a remote server is using Exchange 2003. From what I can see the server is NOT an open relay. I have checked the settings and have run the telnet test to try to relay and no go.

I am suspecting that a client on the domain may be relaying mail through the server thereby getting around the open relay settings on the server. Not sure at this point whether it's from the outside or insdie.

I reviewed the following article to setup diagnostic logging to try and help me determine if and who the culprit is. I am not getting anything definitive.
http://support.microsoft.com/kb/895853

The server is flooded with NDR events as well as Event ID 7004.
Also the queue is filling up.

Any thoughts on this would be great. Any tools or other tests I can use to determine the happenings here?

Thanks
0
Comment
Question by:cepolly
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 12

Expert Comment

by:RobinHuman
ID: 22851037
0
 
LVL 12

Expert Comment

by:RobinHuman
ID: 22851069
or the microsoft one..
http://support.microsoft.com/?kbid=304897
Hope this helps
0
 
LVL 4

Expert Comment

by:eli_cook
ID: 22851419
If it is a publicly accessible server I use DNSstuff.com to check for open relays (simple check) or you can use http://www.abuse.net/relay.html for a more detailed check.
0
 
LVL 1

Accepted Solution

by:
cepolly earned 0 total points
ID: 22910320
It turns out that this was just a spammer dropping a ton of spam on the server. Relay were not open.
Followed this article and all is well to clean out queues (it took several hours):

http://support.microsoft.com/?id=324958 under Clean up the Exchange Server's SMTP queues.

Thanks for coments.
0

Featured Post

Enroll in August's Course of the Month

August's CompTIA IT Fundamentals course includes 19 hours of basic computer principle modules and prepares you for the certification exam. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question