[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 221
  • Last Modified:

How to stop being spammed by senders with gibberish addresses

I have all my relay access setup to only allow relays from the local subset but there are some external attackers sending thousands of emails to my address and for some reason exchange is allowing it. the sender is almost always some .tw TLD but the name on all of them is very long full of special characters i.e. 110%¶WÃB©Ð¶U¼t¿ì©±­±¡C¨T¨®¶U´Ú¡C©Ð«Î¥þÃB¶U´Ú¡C¦Xªk¯²¸î¤½¥q'«È²¼¶K²{'¦~®§17%¡CªA°È¹q¸Ü¡G¢¯¢¸¢´¢·¢´¢µ¢¸¢¯¢²¢´¡E·í¤é©ñ´Ú¡C.
it is causing me to be spam black listed. is there anything that i can do in exchange to stop it without using some sort of MX relay?
i added a Block List Server in connection filtering and i have tried adding the source IP addresses of the spammers but it changes ever hour and that doesn't help.
1 Solution
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
I would turn OFF relaying IMMEDIATELY on your Exchange Server.

and then either use Authentication internally, or create a new SMTP server for use internally.

There's no reason to allow relaying from the entire local subnet; their workstation mail clients should be using MAPI which removes the need for relaying.

Incoming email can't put you on a blacklist. Your mail server or a system on your network has some issues going on.

I highly recommend heading to http://mxtoolbox.com/ and running the SMTP diagnostic test to see if your Exchange server is an open relay. That would explain the blacklisting if it is.

As far as the emails being sent in, my other recommendation is - unless you need to receive mail from people in the .tw domain is to block all connections from .tw hosts. http://www.nirsoft.net/countryip/tw.html has a list of the IP address ranges used by that TLD.
Blue Street TechLast KnightsCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now