Solved

exchange 2003

Posted on 2011-09-26
11
198 Views
Last Modified: 2012-05-12
what is the quckest way to clear out the queue in exchange 2003? over the weekend, something happened and my queue is FULL of stuff, it looks like something is try to relay through my server, so i just want to blow out everything in the queue
0
Comment
Question by:JeffBeall
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 23

Assisted Solution

by:Stelian Stan
Stelian Stan earned 167 total points
ID: 36599496
0
 
LVL 23

Expert Comment

by:Stelian Stan
ID: 36599559
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36599943
Please have a read of my article so that you can identify which of your accounts the spammer is abusing so that you can stop this happening again, which it will:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2556-Why-are-my-outbound-queues-filling-up-with-mail-I-didn't-send.html

You can use aquadmcli.exe to purge the queues quickly:
http://community.spiceworks.com/how_to/show/267
0
 
LVL 1

Author Comment

by:JeffBeall
ID: 36669284
i had to put postmaster@mydomain.com in sender filtering to stop all the bogus email. how can i clean up after this?
0
 
LVL 6

Assisted Solution

by:Em Man
Em Man earned 166 total points
ID: 36670822
make sure your Exchange Server is not an Open Relay.
0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36708937
Have you read my article?

You are either an authenticated relay and need to identify the account, or you are not recipient filtering and need to.

Which is it?

Who is the sender of the emails in your queue?  Random users from a domain not hosted by your server or postmaster@yourdomain.com?
0
 
LVL 1

Author Comment

by:JeffBeall
ID: 36709298
yes alanhardisty, i read your article, and i thought it was very good. but maybe i didn't read something carefully enough.
all i know is that once i put postmaster@mydomain.com in recipient filtering, and checked  - filter recipients who are not in the directory, the attack stopped and my queue is perfect.
i can send and receive emails.
so should i keep postmaster@mydomain.com in recipient filtering? or are there problems keeping this setting?
now that my queue is clear, i don't have one of the bogus emails to look at who the sender was.
i did look at those emails when i had them, but i guess i couldn't tell who was the sender.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36709358
Okay - so you enabled Recipient Filtering - which means you now won't be sending NDR (Non Delivery Reports) back to spammers.

When you don't recipient filter, and you get inundated with spam, your server will accept all the messages, then try to deliver them, discover that the recipient doesn't exist and will then send a Non Delivery Report back to the sender, which will usually be a forged address, so a proportion of the NDR messages won't be deliverable (because they have been made up).

The problem is, that some messages will be sent to people that didn't send you messages and this will mean you will probably be Blacklisted on Backscatterer.org as a result.

Now that you have Recipient Filtering enabled, your server checks the Recipient details on inbound messages and if the Recipient doesn't exist on your server, the server will reject the message and the Sender will then be the one responsible for sending the NDR message (not you).

So - what was happening was that you were being inundated with spam and you were not Recipient Filtering.

You should now remove the postmaster@mydomain.com filter but leave Recipient Filtering Enabled.

Check on www.mxtoolbox.com/blacklists.aspx and see if your IP Address is blacklisted with Backscatterer.org.  It probably will be but will drop off in about 30 days time automatically.

Until then, you may have some problems sending mail to some domains because they will use this blacklist to reject spam and because they will find you on it, your messages will be rejected.

To bypass this, you can setup a new SMTP Connector to send emails for the problem domains via your ISP's mail server (Smarthost).

For details of how to do this, please have a read of the following:

http://www.msexchange.org/tutorials/configuring-smtp-connector.html

Alan
0
 
LVL 1

Author Comment

by:JeffBeall
ID: 36709637
ok, i took postmaster out of recepient filtering and all is still well with my queue.
also, i tried the link to see if i'm black listed, and i am not!! so good news, i guess i caught it in time.
any suggestions on how to clean up after this? i apologize in advance if the clean up is in your article, i started googleing so many things, i lost track of what was where.
my queue is nice and clean, i just didn't know if there were other things to consider.
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 167 total points
ID: 36709688
Nothing to cleanup by the sounds of it.  If you have nipped the issue in the bud, then you should be fine.  Not being Blacklisted is good news.  Hopefully it will stay that way.

Recipient Filtering was the answer in this case, which hopefully my article would have pointed you towards as the solution.
0
 
LVL 1

Author Closing Comment

by:JeffBeall
ID: 36777106
thanks for the help, all is well with my server now.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Easy CSR creation in Exchange 2007,2010 and 2013
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now