Solved

Exchange Server 2003 filtering problems

Posted on 2008-11-03
8
312 Views
Last Modified: 2013-11-30
Our agency is not receiving any email except for those within our agency (intranet) after I made some changes to correct some issues that were being logged in our event viewer for several weeks. We had been receiving event IDs 7004 - "this is an SMTP protocol warning log for virtual server ID 1, connection #, The remote host responded to SMTP command - user unknown." Our queues would fill up (in system manager) with email that could not go out from postal.hdhcs.org (That is our external domain name hdhcs.org).

I thought we might be getting used as an open relay, so I took out all relay permissions. Do users in my organization need to relay? I am not sure I understand the concept.

I also set up Intelligent Mail Filtering and set up some filters for senders. I don't remember the exact changes I made, but have changed things back now to: Message Delivery - General - IP address for server handling incoming SMTP - I entered out internal IP address of email server. I now have no sender filtering configured now and my Intelligent Message filtering is set up for 8 - block messages setting.

My default SMTP virtual server properties is set up for the default virtual server which is the internal address of our email server. I now have it set up for anonymous access. Submit permission - authenticated users, no relay permissions. I have no connectors set up.

Can you help me figure out why we are no longer receiving email from the outside world?
0
Comment
Question by:tt0wnsend
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 5

Expert Comment

by:buddhole
ID: 22867755
Is the AD lookup for mailboxes working in IMF (under recipient filtering)  ? What is the error when you send mail from e.g. hotmail ? I treid the postmaster account, but that returned 5.1.1 (mailbox unavailable).
0
 

Author Comment

by:tt0wnsend
ID: 22867806
I did not receive an error when I sent from hotmail. I did make a few changes and am receiving email again now (including yours) but am now receiving the 7010 events in the event log again. The change I made that must have corrected the problem was in the SMTP protocol section of the virtual server settings - I changed to hdhcs.org (which is what I think it was before I tinkered with it Friday and changed it to hdhomecare.com)
0
 
LVL 5

Expert Comment

by:buddhole
ID: 22869953
Good to hear mail is working again. To troubleshoot the event id I'ld suggest turning om SMTP logging at the maximum to see what's causing the logon errors. See http://www.msexchange.org/tutorials/Logging_the_SMTP_Service.html for more info. This site http://eventid.net/display.asp?eventid=7004&eventno=3510&source=MSExchangeTransport&phase=1 has several solutions, like changing the servername and fully qualified domain name in the smtp server so it's exactly the same as the mx record at the isp (postal.hdhcs.org).
0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 

Author Comment

by:tt0wnsend
ID: 22870685
I have now changed the fully qualified domain name in the smtp server to postal.hdhcs.org. I have printed out the articles above and I do see where this information should be very helpful. thanks. I will let you know tomorrow is this will be the accepted solution.

Could I ask one more question? when I see messages in my event log such as "unable to relay for dvdr2000@yahoo.com.tw or infor@ hcdbs.org (our name spelled wrong)" I assume I don't wnat to be able to relay for those????? Is this people trying to use our server as a relay?
0
 
LVL 5

Expert Comment

by:buddhole
ID: 22874616
Probably yes. You can use the smtp logs to verify that. Especially if you had relay problems in the past some people/server will keep on trying to relay trough your server. This will get less as time goes by.
0
 

Author Comment

by:tt0wnsend
ID: 22885771
I am attaching three of my event log errors for you to log at - one notepad file.

Do I just have to live with all these errors in my event log until it gets less as time goes by? Will it get less after these relayers realize they can't relay through us?
filetosendtoExportsExchange.txt
0
 
LVL 5

Accepted Solution

by:
buddhole earned 500 total points
ID: 22889483
To make your server reject spam messages right away use the Exchange IMF with active directory lookup enabled in the recipient filtering tab. It will make your server reject messages to other e-mailadresses than set up in you Windows AD right away instead of queueing it. More info: http://technet.microsoft.com/en-us/exchange/bb288484.aspx.
 
0
 

Author Closing Comment

by:tt0wnsend
ID: 31512689
I have set this up and it appears to be doing the job. Thanks so much!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
EXCH2013 Public Folder creation 1 50
Exchange 2010 - SAN cert renewal 5 50
Migrate calendar from 2003 to 2016 12 47
Exchange Online Archive 2 27
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
how to add IIS SMTP to handle application/Scanner relays into office 365.

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question