Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Open Relay Exchange 2007

Posted on 2009-04-01
4
413 Views
Last Modified: 2013-11-30
I recently deployed Exchange 2007 in a test environment with some DNS domains I use for a lab.  Almost immediately after I opened port 25 for mail, the network started performing very badly.  I took a look at the Queue Viewer and there were about 6000 messages in the queue going outbound, indicating I had obviously created an open relay.  I quickly stopped the Exchange Transport service and normal operation resumed.  

I will gladly provide 2000 points to anyone who can provide ALL of the following:

-An easy to follow procedure to eliminate Open Relay on Exchange 2007
-A recommendation for a decent software based SPAM filtering solution
-A way to test for open relay / SMTP best practic config
-The best website for finding out if my IP addresses are black listed for open relay.

Thanks in advance.
0
Comment
Question by:ged125
  • 2
4 Comments
 
LVL 6

Accepted Solution

by:
AJermo earned 500 total points
ID: 24041125
short answers:
-An easy to follow procedure to eliminate Open Relay on Exchange 2007
1. Use edge transport role on seperate server. by default relay isn't permitted/configured even on the hub transport

-A recommendation for a decent software based SPAM filtering solution
2. the edge role has some spam filtering and anti-virus options built in, I'd strongly suggesting checking it out before doing something different. If you decide to go with a 3rd party solution then Baraccuda imho is one of the better solutions.

-A way to test for open relay / SMTP best practic config
3. use Telnet to send a spoof email to an address you don't host on your production server, you should get an error that relaying isn't permitted.
Here are the steps:

 cut and past from http://www.msexchange.org/pages/article.asp?id=54
1.       Open a Command Prompt window

2.       At the Command Prompt, type Telnet

3.       You will now be presented with the Telnet prompt, type OPEN 25

Notice the server responding with an error message:  Unable to relay for mark@4mcts.com.  This is telling me I have a Closed Relay.



-The best website for finding out if my IP addresses are black listed for open relay.
4. Read the recieve logs, the transaction will  usually indicate who's black list is reporting you and where to go for removal.  


0
 
LVL 6

Expert Comment

by:AJermo
ID: 24041138
forgot the link for teh anti-spam/anti-virus informaiton for edge role
http://www.microsoft.com/exchange/evaluation/features/default.mspx

0
 
LVL 65

Expert Comment

by:Mestha
ID: 24042653
Exchange 2007 is relay secure by default. Therefore you must have made a configuration error.
It is actually quite hard to turn the server in to an open relay. What did you change after deployment? You said that you entered some domains, what did you enter? Did you change the Receive connectors, send connectors?

You do NOT have to deploy an Edge server to secure the server or stop an open relay, and an antispam tool is not required either. This is basic configuration of the server.

Simon.
0
 
LVL 6

Author Closing Comment

by:ged125
ID: 31565391
Thank you!
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question