Solved

Exchange Server 2003 relaying

Posted on 2011-03-22
5
182 Views
Last Modified: 2012-05-11
Hello,

One of our Exchange Server 2003 servers was relayed off of today.  Our ISP saw the traffic and blocked all outgoing from our IP address.  they can quickly turn it on, but I am concerned that the probel is still going on.  My firewall shows perhaps a couple of hundred connections to different IP addresses on ports 25 and another port whidch our ISp had designated using.

0
Comment
Question by:SRC-S1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 10

Accepted Solution

by:
Hutch_77 earned 250 total points
ID: 35195526
Turn relaying off on the exchang eserver before you are blacklisted.. or if you need it set it to authenticate or limit it to specific IP's
0
 

Expert Comment

by:acymcsc
ID: 35195789
You should probably look at the source ip address from which the traffic is coming from.  The block those not authorized to send smtp traffic.
0
 
LVL 10

Expert Comment

by:Muzafar Momin
ID: 35196454
use exchange mail/spam solution(baracoda, ironport.. etc) to avoid such issues
0
 
LVL 17

Expert Comment

by:Viral Rathod
ID: 35197018
1) You need to first check if your server is open realy or not by going  to "http://www.mxtoolbox.com/diagnostic.aspx"

2) Refer follwing article to help Reducing Spam Mails
 
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2527-How-to-prevent-Spoofed-Emails-in-Exchange-2003.html
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 250 total points
ID: 35197040
Please have a read of my article and see if you are an Authenticated relay:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2556-Why-are-my-outbound-queues-filling-up-with-mail-I-didn't-send.html

If you are, you need to figure out which account(s) are being abused and change the password for that account, then restart the SMTP Service and tighten up your security.

My blogs have useful information for you if that is the case:

http://alanhardisty.wordpress.com/2010/09/28/increase-in-frequency-of-security-alerts-on-servers-from-hackers-trying-brute-force-password-programs/

http://alanhardisty.wordpress.com/2010/12/01/increase-in-hacker-attempts-on-windows-exchange-servers-one-way-to-slow-them-down/
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question