Solved

Exchange Recipient Filter (Anti-Spam) problem after Migrating to 2003 to 2007

Posted on 2009-04-14
7
296 Views
Last Modified: 2013-11-22
Hi,

Right now I have a mixed environment of 2003/2007.  Going back a few months, my Postmaster account was bombarded with SPAM (thousands), but then I implemented recipient filtering in 2003 with tarpitting rules. The spam went away completely and the only thing in Postmaster was legit msg failures (like 1 or 2 a day).

Fast forward now to 2007 being implemented... Ever since I allowed the new exchange server to start acceping incoming mail from Postini the Postmaster account has been filling up with about 100 SPAM messages a day. I have recipient filtering on with restrictions on incoming IP addresses via SMTP. Obviously there is something missing from my 2007 configuration that it's not working as well as it was in 2003. Any suggestions?
0
Comment
Question by:njmatt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 24139807
Is the recipient filtering agent enabled? If you telnet to the server and do a test that way, do you get a reject message if sending to a non-valid user?

Simon.
0
 
LVL 1

Author Comment

by:njmatt
ID: 24141317
5.1.1 User unknown
... when I put an a BS user
0
 
LVL 1

Author Comment

by:njmatt
ID: 24141534
I should mentioned that the SPAM is addressed TO the postmaster.
0
Office 365 Training for IT Pros

Learn how to provision Office 365 tenants, synchronize your on-premise Active Directory, and implement Single Sign-On.

 
LVL 65

Accepted Solution

by:
Mestha earned 250 total points
ID: 24142697
If the spam is addressed to postmaster then that is either NDR spam or back scatter. If they are backscatter messages then Postini has to accept those messages, but should be scanning them and dropping the messages if they are spam.
If the messages came through the Postini system then you need to ask Postini why they are not blocking them.

Simon.
0
 
LVL 1

Author Comment

by:njmatt
ID: 24148060
I just enabled non-account blocking per the suggestion of someone on the Postini forums. I will keep you posted over the next few hours.
0
 
LVL 1

Author Comment

by:njmatt
ID: 24148080
actually - that seems it will block all of my distributions lists being that those are not added as users. that's no good.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24150515
I don't understand what you think it is blocking in relation to groups. The filter does a plain lookup on the email address. As long as the group is mail enabled with a valid email address then it should be allowed through.

Simon.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question