• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 717
  • Last Modified:

Open Relay on Exchange Server 2003

Windows SBS 2003 running Exchange Server 2003. I have unsuccessfully tried to stop email relaying.  I have ensures that ESM DEFAULT SMTP SERVER\PROPERTIES\ACCESS\RELAY is set to ONLY THE LIST BELOW and the list is empty, I have unselected the ALLOW COMPUTERS WHICH SUCCESSFULLY AUTHENTICATE TO RELAY..., I have even gone as far as to add an AD USER GROUP (MAIL RELAY USERS) and added only the email users - no admin accounts - to the USERS list in the RELAY RESTRICTIONS...  I still see different domains trying to relay on my server.  I have restarted the SMTP service after any change I have made.  I can telnet to the server and I am not able to relay.  Here are the results:

220 server.domain.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3
959 ready at  Tue, 5 May 2009 18:43:34 -0500
ehlo
250-server.domain.com Hello [192.168.0.225]
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
mail from:sean@saladart.com
250 2.1.0 sean@saladart.com....Sender OK
rcpt to:saladart@yahoo.com
550 5.7.1 Unable to relay for saladart@yahoo.com

I feel I have covered all the basics - BUT I still keep receiving email through the SMTP CONNECTOR that is (from what I can tell) being relayed through my server.  How do I stop it????
0
saladart
Asked:
saladart
  • 4
  • 3
1 Solution
 
saladartAuthor Commented:
Didn't mention - there is only one exchange server, it is the PDC for the domain as well. All Microsoft updates have been applied...

Is there any more information you need?

Thanks for the assist!
0
 
OriNetworksCommented:
check mxtoolbox.org

Then have some good email server tests

Also you can try using message tracking tool in exchange system manager to track where the messages are coming from
0
 
Pete_ZedCommented:
Under Admin Groups/First Admin Group/Connectors/Internet Mail SMTP Connector/Address Space, uncheck "Allow message to be relayed to these domains".
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
saladartAuthor Commented:
Had that already unchecked...sorry, I missed putting that in the question...
0
 
saladartAuthor Commented:
I do have message tracking turned on - in the Application Log, there are numerous Events with an ID of 7004, and 7002.

7004 -
This is an SMTP protocol error log for virtual server ID 1, connection #279. The remote host "64.202.166.12", responded to the SMTP command "rcpt" with "550 sorry, mail to that recipient is not accepted (#5.7.1)  ". The full command sent was "RCPT TO:<moodilyli1@momscookie.com>  ".  This will probably cause the connection to fail.

7002 -
This is an SMTP protocol warning log for virtual server ID 1, connection #269. The remote host "206.65.163.32", responded to the SMTP command "rcpt" with "450 4.7.1 <grisliestn16@bingisser.com>: Recipient address rejected: Greylisting in action, please try again in 5 minutes.  ". The full command sent was "RCPT TO:<grisliestn16@bingisser.com>  ".  This may cause the connection to fail.
0
 
Pete_ZedCommented:
What settings do you have under Authentication under the Access tab? When you click on users in the authentication section, deselect relay permission for authenticated users.
0
 
Pete_ZedCommented:
The Microsoft web site has a good article about open relay:

http://support.microsoft.com/kb/895853
0
 
saladartAuthor Commented:
Under Authentication, I have ANONYMOUS, BASIC and INTEGRATED selected...

Relay Permission is not selected for Authenticated Users...
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now