quadrumane


Exchange 2010 is maybe an open relay according to mxtoolbox

We're running several Exchange servers for different organizations (different sites with no link between them).

One Exchange 2010 is maybe an open relay according to mxtoolbox, but another one is not.  The configuration for the send and receive connectors is the same for both.

We're running Exchange 2010 SP1 on the "maybe" open relay Exchange server.  

Thank you
Shack-Daddy

Could you paste in a copy of the MXToolbox results, at least the part that gives you the "maybe" message? There are some potential false positives that you can get, and I'd like to see the results. You can munge them if you need to.
ASKER CERTIFIED SOLUTION
Alan Hardisty

This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
quadrumane

ASKER

Ok, I will send you the result. The only thing I've done is setting up the send connector. I read a lot of articles about open relay. But I don't understand why so many articles are talking about closing open relay as it's not even opened by default in Exchange 2010 or 2010 SP1.
I must say there were a lot of "retrying" sends from strange domains in the queue and it was spam. But I guess it was stopped before it could be sent out.

 May be an open relay.
 0 seconds - Good on Connection time
 5.382 seconds - Warning on Transaction time
 OK - 207.xxx.xxx.xxx resolves to mail.mydomain.com
 OK - Reverse DNS matches SMTP Banner

HELO please-read-policy.mxtoolbox.com
250 S1-XHBCA-001.mydomain.com Hello [64.20.227.133] [62 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 2.1.0 Sender OK [62 ms]
@quadrumane - Have you seen my earlier comment yet?
Agreed. With the log shown above, this just shows it is accepting a message; it's only an attempt to relay if the sender AND recipient are not in your domain....

The relay is not related to the send connector though, it's the receive one. When you set up your receive connectors using the wizard in EMC, you specify what kind of servers you are setting up the receive connector for. If you select internal/custom you are allowing relays by default.

http://technet.microsoft.com/en-us/library/bb125159.aspx
See 3b, "intended use for this connector"

This is where relay is set!
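
Added example, not part of the original thread: a small Python classifier for an SMTP test transcript, applying the rule from the comment above (a relay needs both sender and recipient outside your domains, and an accepted RCPT TO). The function name, the `local_domains` parameter and the two extended transcripts are assumptions constructed for illustration; the first transcript copies the exchanges quoted earlier in the thread.

```python
import re

# SESSION_PAGE copies the exchanges quoted in the thread. The two variants
# below are constructed samples that add a conclusive RCPT TO step.
SESSION_PAGE = """\
HELO please-read-policy.mxtoolbox.com
250 S1-XHBCA-001.mydomain.com Hello [64.20.227.133] [62 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 2.1.0 Sender OK [62 ms]
"""
SESSION_REJECTED = SESSION_PAGE + """\
RCPT TO: <test@example.net>
550 5.7.1 Unable to relay
"""
SESSION_RELAYED = SESSION_PAGE + """\
RCPT TO: <test@example.net>
250 2.1.5 Recipient OK
"""

# Captures the SMTP verb and the domain part of the address in angle brackets.
ADDR = re.compile(r"^(MAIL FROM|RCPT TO):\s*<[^@>]*@([^>]+)>", re.I)

def classify_relay(transcript, local_domains):
    """Return 'open-relay', 'relay-denied' or 'inconclusive' for one session."""
    local = {d.lower() for d in local_domains}
    sender_external = None
    pending = None            # command still waiting for its reply: (verb, domain)
    verdict = "inconclusive"
    for line in transcript.splitlines():
        m = ADDR.match(line.strip())
        if m:
            pending = (m.group(1).upper(), m.group(2).lower())
            continue
        code = line.strip()[:3]
        if not (pending and code.isdigit()):
            continue          # banner/HELO replies carry no relay evidence
        verb, domain = pending
        pending = None
        accepted = code.startswith("2")
        if verb == "MAIL FROM":
            sender_external = accepted and domain not in local
        elif verb == "RCPT TO" and sender_external and domain not in local:
            if accepted:
                return "open-relay"   # external sender AND external recipient accepted
            verdict = "relay-denied"
    return verdict
```

Run against the transcript posted in the thread, with `mydomain.com` as the only local domain, this returns `inconclusive`: an accepted MAIL FROM alone says nothing about relaying.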
Yes I saw it.  But if Exchange is already not used as an open relay by default, why would you add this ?

The test I've done on the other open relay testing site has not seen it as an open relay
Ok so the server is not incredibly slow all of a sudden because it's an open relay because it's not.  Now I have to deal with the w3wp.exe
Here is the Exchange queue, just to make sure you see it.
queue-exchange.jpg
@quadrumane
>>  But if Exchange is already not used as an open relay by default, why would you add this ? <<
You stated you could be an open relay and as this is a support site, I am offering you some support and a way to close down the Open Relay which you may or may not have.
If I am wasting my time trying to help you I have other things I can turn my attention to.
Alan, I'm not trying to waste your time. I just want to understand why Microsoft seems to think we have nothing more to do in order to keep Exchange from being an open relay. Before following your advice I want to make sure I get all the information.

On the contrary, I want to understand. I'm sorry if you got me wrong; it was not my intention.

Thanks
Alan, advice taken. I still don't understand why it is seen as an open relay on mxtoolbox but not on Checkor. Maybe mxtoolbox is looking at the number of attempts to hack out the system.

Thanks
Ok, so as far as I understand, according to the picture I sent you, I could have some problem with backscatter but Exchange won't be seen as an open relay. Backscatter is the only one to ask for a payment to be unlisted.

As soon as I removed the send connector, by the way, both Exchange servers got faster.

Thanks
Good. You are not an open relay. That's progress.
You are sending NDRs to every spammer that sends you rubbish though.
This is known as an NDR attack or a backscatter attack as mentioned above.
Disable NDRs or reject email to unknown recipients and check if your queues calm down after a few days to confirm.
The send connector is slowing your system down by replying to EVERY junkmail received.  
Excellent!
Thanks everyone, it helped me a lot.