Solved

Open Relay Exchange 2007

Posted on 2009-04-01
4
410 Views
Last Modified: 2013-11-30
I recently deployed Exchange 2007 in a test environment with some DNS domains I use for a lab.  Almost immediately after I opened port 25 for mail, the network started performing very badly.  I took a look at the Queue Viewer and there were about 6000 messages in the queue going outbound, indicating I had obviously created an open relay.  I quickly stopped the Exchange Transport service and normal operation resumed.  

I will gladly provide 2000 points to anyone who can provide ALL of the following:

-An easy to follow procedure to eliminate Open Relay on Exchange 2007
-A recommendation for a decent software based SPAM filtering solution
-A way to test for open relay / SMTP best practic config
-The best website for finding out if my IP addresses are black listed for open relay.

Thanks in advance.
0
Comment
Question by:ged125
  • 2
4 Comments
 
LVL 6

Accepted Solution

by:
AJermo earned 500 total points
ID: 24041125
short answers:
-An easy to follow procedure to eliminate Open Relay on Exchange 2007
1. Use edge transport role on seperate server. by default relay isn't permitted/configured even on the hub transport

-A recommendation for a decent software based SPAM filtering solution
2. the edge role has some spam filtering and anti-virus options built in, I'd strongly suggesting checking it out before doing something different. If you decide to go with a 3rd party solution then Baraccuda imho is one of the better solutions.

-A way to test for open relay / SMTP best practic config
3. use Telnet to send a spoof email to an address you don't host on your production server, you should get an error that relaying isn't permitted.
Here are the steps:

 cut and past from http://www.msexchange.org/pages/article.asp?id=54
1.       Open a Command Prompt window

2.       At the Command Prompt, type Telnet

3.       You will now be presented with the Telnet prompt, type OPEN 25

Notice the server responding with an error message:  Unable to relay for mark@4mcts.com.  This is telling me I have a Closed Relay.



-The best website for finding out if my IP addresses are black listed for open relay.
4. Read the recieve logs, the transaction will  usually indicate who's black list is reporting you and where to go for removal.  


0
 
LVL 6

Expert Comment

by:AJermo
ID: 24041138
forgot the link for teh anti-spam/anti-virus informaiton for edge role
http://www.microsoft.com/exchange/evaluation/features/default.mspx

0
 
LVL 65

Expert Comment

by:Mestha
ID: 24042653
Exchange 2007 is relay secure by default. Therefore you must have made a configuration error.
It is actually quite hard to turn the server in to an open relay. What did you change after deployment? You said that you entered some domains, what did you enter? Did you change the Receive connectors, send connectors?

You do NOT have to deploy an Edge server to secure the server or stop an open relay, and an antispam tool is not required either. This is basic configuration of the server.

Simon.
0
 
LVL 6

Author Closing Comment

by:ged125
ID: 31565391
Thank you!
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Find out what you should include to make the best professional email signature for your organization.
The viewer will learn how to create multiple layers to apply various filters and how to delete areas from each layer’s filter.
This video demonstrates how to use each tool, their shortcuts, where and when to use them, and how to use the keyboard to improve workflow.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now