?
Solved

Exchange Open Relay - Suspect Client

Posted on 2008-10-31
4
Medium Priority
?
405 Views
Last Modified: 2008-11-12
Hi all,
We have a remote server is using Exchange 2003. From what I can see the server is NOT an open relay. I have checked the settings and have run the telnet test to try to relay and no go.

I am suspecting that a client on the domain may be relaying mail through the server thereby getting around the open relay settings on the server. Not sure at this point whether it's from the outside or insdie.

I reviewed the following article to setup diagnostic logging to try and help me determine if and who the culprit is. I am not getting anything definitive.
http://support.microsoft.com/kb/895853

The server is flooded with NDR events as well as Event ID 7004.
Also the queue is filling up.

Any thoughts on this would be great. Any tools or other tests I can use to determine the happenings here?

Thanks
0
Comment
Question by:cepolly
  • 2
4 Comments
 
LVL 12

Expert Comment

by:RobinHuman
ID: 22851037
0
 
LVL 12

Expert Comment

by:RobinHuman
ID: 22851069
or the microsoft one..
http://support.microsoft.com/?kbid=304897
Hope this helps
0
 
LVL 4

Expert Comment

by:eli_cook
ID: 22851419
If it is a publicly accessible server I use DNSstuff.com to check for open relays (simple check) or you can use http://www.abuse.net/relay.html for a more detailed check.
0
 
LVL 1

Accepted Solution

by:
cepolly earned 0 total points
ID: 22910320
It turns out that this was just a spammer dropping a ton of spam on the server. Relay were not open.
Followed this article and all is well to clean out queues (it took several hours):

http://support.microsoft.com/?id=324958 under Clean up the Exchange Server's SMTP queues.

Thanks for coments.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
In this article, I will demonstrate that how to do a PST migration from Exchange Server to Office 365. This method allows importing one single PST, or multiple PST's at once.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question