Solved

Exchange 2010 sending lots of traffic out

Posted on 2010-08-31
4
366 Views
Last Modified: 2012-05-10
I recently setup a new exchange 2010 server and created a new MX record on the web for the server. I have a cisco ASA5520 and I did a static translation to point a public ip at the private ip address. This worked fine for a day until I started seeing A LOT!! of traffic being generated from exchange. I have installed wireshark on my exchange machine and can see a lot of email traffic that should not be there. I also looked in the queue viewer on exchange 2010 and I see 9946 messages in the queue. They are all over the place, baahi.com, babenhausen.org, babywearinginternation.com, bagan.net.mm, bags-purses-totes.com, and so forth with about 10000 haha. How can I get these out of my queue and stop exchange from sending these?
0
Comment
Question by:justin0104
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 9

Expert Comment

by:Dan Arseneau
ID: 33573174
Go to http://www.mxtoolbox.com and test your server for open relay.  This is usually the cause of such a mess.  Also, to help reduce those pesky Reply-To headers, add a TXT record to your external DNS.

Domain.com TXT "v=spf1 mx ~all"

With the quotes.
0
 

Author Comment

by:justin0104
ID: 33573191
What do you mean add a text record to the domain on the external DNS entry. I know we have an external MX record created to point to the public ip of exchange. On that DNS record should I create that text record? What should it say and what does it mean? I also checked out the mxtoolbox site but didn't see anything there to check for open relay?
0
 
LVL 9

Expert Comment

by:Dan Arseneau
ID: 33573201
As for mxtoolbox.  Just type in the IP you have defined on your external DNS for your SMTP server...then follow the instructions.

The TXT record is actually a SPF record.  It tells receiving servers that only the IP defined in your MX record is allowed to send from that domain.  It helps prevent you looking like you're sending SPAM.
0
 
LVL 9

Accepted Solution

by:
Dan Arseneau earned 500 total points
ID: 33573204
...sorry, not your IP...type in your domain name like domain.com.  The site will run various test and report back its fndings.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question