Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 321
  • Last Modified:

Exchange Server 2003 filtering problems

Our agency is not receiving any email except for those within our agency (intranet) after I made some changes to correct some issues that were being logged in our event viewer for several weeks. We had been receiving event IDs 7004 - "this is an SMTP protocol warning log for virtual server ID 1, connection #, The remote host responded to SMTP command - user unknown." Our queues would fill up (in system manager) with email that could not go out from postal.hdhcs.org (That is our external domain name hdhcs.org).

I thought we might be getting used as an open relay, so I took out all relay permissions. Do users in my organization need to relay? I am not sure I understand the concept.

I also set up Intelligent Mail Filtering and set up some filters for senders. I don't remember the exact changes I made, but have changed things back now to: Message Delivery - General - IP address for server handling incoming SMTP - I entered out internal IP address of email server. I now have no sender filtering configured now and my Intelligent Message filtering is set up for 8 - block messages setting.

My default SMTP virtual server properties is set up for the default virtual server which is the internal address of our email server. I now have it set up for anonymous access. Submit permission - authenticated users, no relay permissions. I have no connectors set up.

Can you help me figure out why we are no longer receiving email from the outside world?
0
tt0wnsend
Asked:
tt0wnsend
  • 4
  • 4
1 Solution
 
buddholeCommented:
Is the AD lookup for mailboxes working in IMF (under recipient filtering)  ? What is the error when you send mail from e.g. hotmail ? I treid the postmaster account, but that returned 5.1.1 (mailbox unavailable).
0
 
tt0wnsendAuthor Commented:
I did not receive an error when I sent from hotmail. I did make a few changes and am receiving email again now (including yours) but am now receiving the 7010 events in the event log again. The change I made that must have corrected the problem was in the SMTP protocol section of the virtual server settings - I changed to hdhcs.org (which is what I think it was before I tinkered with it Friday and changed it to hdhomecare.com)
0
 
buddholeCommented:
Good to hear mail is working again. To troubleshoot the event id I'ld suggest turning om SMTP logging at the maximum to see what's causing the logon errors. See http://www.msexchange.org/tutorials/Logging_the_SMTP_Service.html for more info. This site http://eventid.net/display.asp?eventid=7004&eventno=3510&source=MSExchangeTransport&phase=1 has several solutions, like changing the servername and fully qualified domain name in the smtp server so it's exactly the same as the mx record at the isp (postal.hdhcs.org).
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
tt0wnsendAuthor Commented:
I have now changed the fully qualified domain name in the smtp server to postal.hdhcs.org. I have printed out the articles above and I do see where this information should be very helpful. thanks. I will let you know tomorrow is this will be the accepted solution.

Could I ask one more question? when I see messages in my event log such as "unable to relay for dvdr2000@yahoo.com.tw or infor@ hcdbs.org (our name spelled wrong)" I assume I don't wnat to be able to relay for those????? Is this people trying to use our server as a relay?
0
 
buddholeCommented:
Probably yes. You can use the smtp logs to verify that. Especially if you had relay problems in the past some people/server will keep on trying to relay trough your server. This will get less as time goes by.
0
 
tt0wnsendAuthor Commented:
I am attaching three of my event log errors for you to log at - one notepad file.

Do I just have to live with all these errors in my event log until it gets less as time goes by? Will it get less after these relayers realize they can't relay through us?
filetosendtoExportsExchange.txt
0
 
buddholeCommented:
To make your server reject spam messages right away use the Exchange IMF with active directory lookup enabled in the recipient filtering tab. It will make your server reject messages to other e-mailadresses than set up in you Windows AD right away instead of queueing it. More info: http://technet.microsoft.com/en-us/exchange/bb288484.aspx.
 
0
 
tt0wnsendAuthor Commented:
I have set this up and it appears to be doing the job. Thanks so much!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now