Solved

Exchange 2010 sending lots of traffic out

Posted on 2010-08-31
4
362 Views
Last Modified: 2012-05-10
I recently setup a new exchange 2010 server and created a new MX record on the web for the server. I have a cisco ASA5520 and I did a static translation to point a public ip at the private ip address. This worked fine for a day until I started seeing A LOT!! of traffic being generated from exchange. I have installed wireshark on my exchange machine and can see a lot of email traffic that should not be there. I also looked in the queue viewer on exchange 2010 and I see 9946 messages in the queue. They are all over the place, baahi.com, babenhausen.org, babywearinginternation.com, bagan.net.mm, bags-purses-totes.com, and so forth with about 10000 haha. How can I get these out of my queue and stop exchange from sending these?
0
Comment
Question by:justin0104
  • 3
4 Comments
 
LVL 9

Expert Comment

by:Dan Arseneau
ID: 33573174
Go to http://www.mxtoolbox.com and test your server for open relay.  This is usually the cause of such a mess.  Also, to help reduce those pesky Reply-To headers, add a TXT record to your external DNS.

Domain.com TXT "v=spf1 mx ~all"

With the quotes.
0
 

Author Comment

by:justin0104
ID: 33573191
What do you mean add a text record to the domain on the external DNS entry. I know we have an external MX record created to point to the public ip of exchange. On that DNS record should I create that text record? What should it say and what does it mean? I also checked out the mxtoolbox site but didn't see anything there to check for open relay?
0
 
LVL 9

Expert Comment

by:Dan Arseneau
ID: 33573201
As for mxtoolbox.  Just type in the IP you have defined on your external DNS for your SMTP server...then follow the instructions.

The TXT record is actually a SPF record.  It tells receiving servers that only the IP defined in your MX record is allowed to send from that domain.  It helps prevent you looking like you're sending SPAM.
0
 
LVL 9

Accepted Solution

by:
Dan Arseneau earned 500 total points
ID: 33573204
...sorry, not your IP...type in your domain name like domain.com.  The site will run various test and report back its fndings.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
how to add IIS SMTP to handle application/Scanner relays into office 365.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now