Solved

Exchange Open Relay - Suspect Client

Posted on 2008-10-31
4
375 Views
Last Modified: 2008-11-12
Hi all,
We have a remote server is using Exchange 2003. From what I can see the server is NOT an open relay. I have checked the settings and have run the telnet test to try to relay and no go.

I am suspecting that a client on the domain may be relaying mail through the server thereby getting around the open relay settings on the server. Not sure at this point whether it's from the outside or insdie.

I reviewed the following article to setup diagnostic logging to try and help me determine if and who the culprit is. I am not getting anything definitive.
http://support.microsoft.com/kb/895853

The server is flooded with NDR events as well as Event ID 7004.
Also the queue is filling up.

Any thoughts on this would be great. Any tools or other tests I can use to determine the happenings here?

Thanks
0
Comment
Question by:cepolly
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 12

Expert Comment

by:RobinHuman
ID: 22851037
0
 
LVL 12

Expert Comment

by:RobinHuman
ID: 22851069
or the microsoft one..
http://support.microsoft.com/?kbid=304897
Hope this helps
0
 
LVL 4

Expert Comment

by:eli_cook
ID: 22851419
If it is a publicly accessible server I use DNSstuff.com to check for open relays (simple check) or you can use http://www.abuse.net/relay.html for a more detailed check.
0
 
LVL 1

Accepted Solution

by:
cepolly earned 0 total points
ID: 22910320
It turns out that this was just a spammer dropping a ton of spam on the server. Relay were not open.
Followed this article and all is well to clean out queues (it took several hours):

http://support.microsoft.com/?id=324958 under Clean up the Exchange Server's SMTP queues.

Thanks for coments.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
This video discusses moving either the default database or any database to a new volume.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question