Solved

Open Relay on Exchange Server 2003

Posted on 2009-05-05
8
708 Views
Last Modified: 2012-05-06
Windows SBS 2003 running Exchange Server 2003. I have unsuccessfully tried to stop email relaying.  I have ensures that ESM DEFAULT SMTP SERVER\PROPERTIES\ACCESS\RELAY is set to ONLY THE LIST BELOW and the list is empty, I have unselected the ALLOW COMPUTERS WHICH SUCCESSFULLY AUTHENTICATE TO RELAY..., I have even gone as far as to add an AD USER GROUP (MAIL RELAY USERS) and added only the email users - no admin accounts - to the USERS list in the RELAY RESTRICTIONS...  I still see different domains trying to relay on my server.  I have restarted the SMTP service after any change I have made.  I can telnet to the server and I am not able to relay.  Here are the results:

220 server.domain.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3
959 ready at  Tue, 5 May 2009 18:43:34 -0500
ehlo
250-server.domain.com Hello [192.168.0.225]
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
mail from:sean@saladart.com
250 2.1.0 sean@saladart.com....Sender OK
rcpt to:saladart@yahoo.com
550 5.7.1 Unable to relay for saladart@yahoo.com

I feel I have covered all the basics - BUT I still keep receiving email through the SMTP CONNECTOR that is (from what I can tell) being relayed through my server.  How do I stop it????
0
Comment
Question by:saladart
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 

Author Comment

by:saladart
ID: 24310259
Didn't mention - there is only one exchange server, it is the PDC for the domain as well. All Microsoft updates have been applied...

Is there any more information you need?

Thanks for the assist!
0
 
LVL 17

Expert Comment

by:OriNetworks
ID: 24310270
check mxtoolbox.org

Then have some good email server tests

Also you can try using message tracking tool in exchange system manager to track where the messages are coming from
0
 
LVL 8

Expert Comment

by:Pete_Zed
ID: 24310274
Under Admin Groups/First Admin Group/Connectors/Internet Mail SMTP Connector/Address Space, uncheck "Allow message to be relayed to these domains".
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:saladart
ID: 24310280
Had that already unchecked...sorry, I missed putting that in the question...
0
 

Author Comment

by:saladart
ID: 24310299
I do have message tracking turned on - in the Application Log, there are numerous Events with an ID of 7004, and 7002.

7004 -
This is an SMTP protocol error log for virtual server ID 1, connection #279. The remote host "64.202.166.12", responded to the SMTP command "rcpt" with "550 sorry, mail to that recipient is not accepted (#5.7.1)  ". The full command sent was "RCPT TO:<moodilyli1@momscookie.com>  ".  This will probably cause the connection to fail.

7002 -
This is an SMTP protocol warning log for virtual server ID 1, connection #269. The remote host "206.65.163.32", responded to the SMTP command "rcpt" with "450 4.7.1 <grisliestn16@bingisser.com>: Recipient address rejected: Greylisting in action, please try again in 5 minutes.  ". The full command sent was "RCPT TO:<grisliestn16@bingisser.com>  ".  This may cause the connection to fail.
0
 
LVL 8

Expert Comment

by:Pete_Zed
ID: 24310313
What settings do you have under Authentication under the Access tab? When you click on users in the authentication section, deselect relay permission for authenticated users.
0
 
LVL 8

Expert Comment

by:Pete_Zed
ID: 24310344
The Microsoft web site has a good article about open relay:

http://support.microsoft.com/kb/895853
0
 

Accepted Solution

by:
saladart earned 0 total points
ID: 24310417
Under Authentication, I have ANONYMOUS, BASIC and INTEGRATED selected...

Relay Permission is not selected for Authenticated Users...
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question