Solved

Exchange Server 2003 filtering problems

Posted on 2008-11-03
8
315 Views
Last Modified: 2013-11-30
Our agency is not receiving any email except for those within our agency (intranet) after I made some changes to correct some issues that were being logged in our event viewer for several weeks. We had been receiving event IDs 7004 - "this is an SMTP protocol warning log for virtual server ID 1, connection #, The remote host responded to SMTP command - user unknown." Our queues would fill up (in system manager) with email that could not go out from postal.hdhcs.org (That is our external domain name hdhcs.org).

I thought we might be getting used as an open relay, so I took out all relay permissions. Do users in my organization need to relay? I am not sure I understand the concept.

I also set up Intelligent Mail Filtering and set up some filters for senders. I don't remember the exact changes I made, but have changed things back now to: Message Delivery - General - IP address for server handling incoming SMTP - I entered out internal IP address of email server. I now have no sender filtering configured now and my Intelligent Message filtering is set up for 8 - block messages setting.

My default SMTP virtual server properties is set up for the default virtual server which is the internal address of our email server. I now have it set up for anonymous access. Submit permission - authenticated users, no relay permissions. I have no connectors set up.

Can you help me figure out why we are no longer receiving email from the outside world?
0
Comment
Question by:tt0wnsend
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 5

Expert Comment

by:buddhole
ID: 22867755
Is the AD lookup for mailboxes working in IMF (under recipient filtering)  ? What is the error when you send mail from e.g. hotmail ? I treid the postmaster account, but that returned 5.1.1 (mailbox unavailable).
0
 

Author Comment

by:tt0wnsend
ID: 22867806
I did not receive an error when I sent from hotmail. I did make a few changes and am receiving email again now (including yours) but am now receiving the 7010 events in the event log again. The change I made that must have corrected the problem was in the SMTP protocol section of the virtual server settings - I changed to hdhcs.org (which is what I think it was before I tinkered with it Friday and changed it to hdhomecare.com)
0
 
LVL 5

Expert Comment

by:buddhole
ID: 22869953
Good to hear mail is working again. To troubleshoot the event id I'ld suggest turning om SMTP logging at the maximum to see what's causing the logon errors. See http://www.msexchange.org/tutorials/Logging_the_SMTP_Service.html for more info. This site http://eventid.net/display.asp?eventid=7004&eventno=3510&source=MSExchangeTransport&phase=1 has several solutions, like changing the servername and fully qualified domain name in the smtp server so it's exactly the same as the mx record at the isp (postal.hdhcs.org).
0
Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

 

Author Comment

by:tt0wnsend
ID: 22870685
I have now changed the fully qualified domain name in the smtp server to postal.hdhcs.org. I have printed out the articles above and I do see where this information should be very helpful. thanks. I will let you know tomorrow is this will be the accepted solution.

Could I ask one more question? when I see messages in my event log such as "unable to relay for dvdr2000@yahoo.com.tw or infor@ hcdbs.org (our name spelled wrong)" I assume I don't wnat to be able to relay for those????? Is this people trying to use our server as a relay?
0
 
LVL 5

Expert Comment

by:buddhole
ID: 22874616
Probably yes. You can use the smtp logs to verify that. Especially if you had relay problems in the past some people/server will keep on trying to relay trough your server. This will get less as time goes by.
0
 

Author Comment

by:tt0wnsend
ID: 22885771
I am attaching three of my event log errors for you to log at - one notepad file.

Do I just have to live with all these errors in my event log until it gets less as time goes by? Will it get less after these relayers realize they can't relay through us?
filetosendtoExportsExchange.txt
0
 
LVL 5

Accepted Solution

by:
buddhole earned 500 total points
ID: 22889483
To make your server reject spam messages right away use the Exchange IMF with active directory lookup enabled in the recipient filtering tab. It will make your server reject messages to other e-mailadresses than set up in you Windows AD right away instead of queueing it. More info: http://technet.microsoft.com/en-us/exchange/bb288484.aspx.
 
0
 

Author Closing Comment

by:tt0wnsend
ID: 31512689
I have set this up and it appears to be doing the job. Thanks so much!
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you’re making plans to join the modern business race, you should analyze various details that may affect your results. Nowadays, millions of businesses are trying to grow into established and appreciated professional enterprises.
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question