• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 190
  • Last Modified:

Exchange Server 2003 relaying

Hello,

One of our Exchange Server 2003 servers was relayed off of today.  Our ISP saw the traffic and blocked all outgoing from our IP address.  they can quickly turn it on, but I am concerned that the probel is still going on.  My firewall shows perhaps a couple of hundred connections to different IP addresses on ports 25 and another port whidch our ISp had designated using.

0
SRC-S1
Asked:
SRC-S1
2 Solutions
 
Hutch_77Commented:
Turn relaying off on the exchang eserver before you are blacklisted.. or if you need it set it to authenticate or limit it to specific IP's
0
 
acymcscCommented:
You should probably look at the source ip address from which the traffic is coming from.  The block those not authorized to send smtp traffic.
0
 
Muzafar MominCommented:
use exchange mail/spam solution(baracoda, ironport.. etc) to avoid such issues
0
 
Viral RathodConsultantCommented:
1) You need to first check if your server is open realy or not by going  to "http://www.mxtoolbox.com/diagnostic.aspx"

2) Refer follwing article to help Reducing Spam Mails
 
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2527-How-to-prevent-Spoofed-Emails-in-Exchange-2003.html
0
 
Alan HardistyCo-OwnerCommented:
Please have a read of my article and see if you are an Authenticated relay:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2556-Why-are-my-outbound-queues-filling-up-with-mail-I-didn't-send.html

If you are, you need to figure out which account(s) are being abused and change the password for that account, then restart the SMTP Service and tighten up your security.

My blogs have useful information for you if that is the case:

http://alanhardisty.wordpress.com/2010/09/28/increase-in-frequency-of-security-alerts-on-servers-from-hackers-trying-brute-force-password-programs/

http://alanhardisty.wordpress.com/2010/12/01/increase-in-hacker-attempts-on-windows-exchange-servers-one-way-to-slow-them-down/
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now