Exchange Recipient Filter (Anti-Spam) problem after Migrating to 2003 to 2007

Hi,

Right now I have a mixed environment of 2003/2007.  Going back a few months, my Postmaster account was bombarded with SPAM (thousands), but then I implemented recipient filtering in 2003 with tarpitting rules. The spam went away completely and the only thing in Postmaster was legit msg failures (like 1 or 2 a day).

Fast forward now to 2007 being implemented... Ever since I allowed the new exchange server to start acceping incoming mail from Postini the Postmaster account has been filling up with about 100 SPAM messages a day. I have recipient filtering on with restrictions on incoming IP addresses via SMTP. Obviously there is something missing from my 2007 configuration that it's not working as well as it was in 2003. Any suggestions?
LVL 1
njmattAsked:
Who is Participating?
 
MesthaConnect With a Mentor Commented:
If the spam is addressed to postmaster then that is either NDR spam or back scatter. If they are backscatter messages then Postini has to accept those messages, but should be scanning them and dropping the messages if they are spam.
If the messages came through the Postini system then you need to ask Postini why they are not blocking them.

Simon.
0
 
MesthaCommented:
Is the recipient filtering agent enabled? If you telnet to the server and do a test that way, do you get a reject message if sending to a non-valid user?

Simon.
0
 
njmattAuthor Commented:
5.1.1 User unknown
... when I put an a BS user
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
njmattAuthor Commented:
I should mentioned that the SPAM is addressed TO the postmaster.
0
 
njmattAuthor Commented:
I just enabled non-account blocking per the suggestion of someone on the Postini forums. I will keep you posted over the next few hours.
0
 
njmattAuthor Commented:
actually - that seems it will block all of my distributions lists being that those are not added as users. that's no good.
0
 
MesthaCommented:
I don't understand what you think it is blocking in relation to groups. The filter does a plain lookup on the email address. As long as the group is mail enabled with a valid email address then it should be allowed through.

Simon.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.