Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Open Relay on Exchange Server 2003

Posted on 2009-05-05
8
704 Views
Last Modified: 2012-05-06
Windows SBS 2003 running Exchange Server 2003. I have unsuccessfully tried to stop email relaying.  I have ensures that ESM DEFAULT SMTP SERVER\PROPERTIES\ACCESS\RELAY is set to ONLY THE LIST BELOW and the list is empty, I have unselected the ALLOW COMPUTERS WHICH SUCCESSFULLY AUTHENTICATE TO RELAY..., I have even gone as far as to add an AD USER GROUP (MAIL RELAY USERS) and added only the email users - no admin accounts - to the USERS list in the RELAY RESTRICTIONS...  I still see different domains trying to relay on my server.  I have restarted the SMTP service after any change I have made.  I can telnet to the server and I am not able to relay.  Here are the results:

220 server.domain.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3
959 ready at  Tue, 5 May 2009 18:43:34 -0500
ehlo
250-server.domain.com Hello [192.168.0.225]
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
mail from:sean@saladart.com
250 2.1.0 sean@saladart.com....Sender OK
rcpt to:saladart@yahoo.com
550 5.7.1 Unable to relay for saladart@yahoo.com

I feel I have covered all the basics - BUT I still keep receiving email through the SMTP CONNECTOR that is (from what I can tell) being relayed through my server.  How do I stop it????
0
Comment
Question by:saladart
  • 4
  • 3
8 Comments
 

Author Comment

by:saladart
ID: 24310259
Didn't mention - there is only one exchange server, it is the PDC for the domain as well. All Microsoft updates have been applied...

Is there any more information you need?

Thanks for the assist!
0
 
LVL 17

Expert Comment

by:OriNetworks
ID: 24310270
check mxtoolbox.org

Then have some good email server tests

Also you can try using message tracking tool in exchange system manager to track where the messages are coming from
0
 
LVL 8

Expert Comment

by:Pete_Zed
ID: 24310274
Under Admin Groups/First Admin Group/Connectors/Internet Mail SMTP Connector/Address Space, uncheck "Allow message to be relayed to these domains".
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Author Comment

by:saladart
ID: 24310280
Had that already unchecked...sorry, I missed putting that in the question...
0
 

Author Comment

by:saladart
ID: 24310299
I do have message tracking turned on - in the Application Log, there are numerous Events with an ID of 7004, and 7002.

7004 -
This is an SMTP protocol error log for virtual server ID 1, connection #279. The remote host "64.202.166.12", responded to the SMTP command "rcpt" with "550 sorry, mail to that recipient is not accepted (#5.7.1)  ". The full command sent was "RCPT TO:<moodilyli1@momscookie.com>  ".  This will probably cause the connection to fail.

7002 -
This is an SMTP protocol warning log for virtual server ID 1, connection #269. The remote host "206.65.163.32", responded to the SMTP command "rcpt" with "450 4.7.1 <grisliestn16@bingisser.com>: Recipient address rejected: Greylisting in action, please try again in 5 minutes.  ". The full command sent was "RCPT TO:<grisliestn16@bingisser.com>  ".  This may cause the connection to fail.
0
 
LVL 8

Expert Comment

by:Pete_Zed
ID: 24310313
What settings do you have under Authentication under the Access tab? When you click on users in the authentication section, deselect relay permission for authenticated users.
0
 
LVL 8

Expert Comment

by:Pete_Zed
ID: 24310344
The Microsoft web site has a good article about open relay:

http://support.microsoft.com/kb/895853
0
 

Accepted Solution

by:
saladart earned 0 total points
ID: 24310417
Under Authentication, I have ANONYMOUS, BASIC and INTEGRATED selected...

Relay Permission is not selected for Authenticated Users...
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question