Solved

Exchange server 2007  Spam

Posted on 2013-05-24
10
377 Views
Last Modified: 2013-05-29
I have a exchange server 2007.

Accepted domains:

mydomain.de --Internal Relaydomain
mydomain.com -- External Relaydomain(standard)

i got many spams Internal Relaydomain.
example:
hotelbook.mydomain.de etc

How can i block them? Pls immediantlly help !!!!!
0
Comment
Question by:apollo-13
  • 6
  • 3
10 Comments
 
LVL 12

Accepted Solution

by:
Julian123 earned 125 total points
ID: 39195685
Please enable the Exchange 2007 anti-spam features: http://technet.microsoft.com/en-us/library/bb123559(v=EXCHG.80).aspx.
0
 

Author Comment

by:apollo-13
ID: 39195693
anti-spam features for internal Relay ? which one?
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 375 total points
ID: 39195912
I would be surprised if the internal relay configuration has caused your server to be abused.
Ensure that you don't have externally secured enabled on any of the Receive Connectors.

The most likely cause is a compromised account. The windows logs might help you identify which account it is.

Enabling the antispam features isn't really going to help, although I would enable the recipient filter so that you are protected against NDR spam.

Simon.
0
 

Author Comment

by:apollo-13
ID: 39196335
Enabling the antispam features isn't really going to help ---It didnt help
0
 

Author Comment

by:apollo-13
ID: 39196339
i checked "Ensure that you don't have externally secured enabled on any of the Receive Connectors.
" they were no marked
0
Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

 

Author Comment

by:apollo-13
ID: 39196348
Normally my isp control mails from extern .They have spam filter for us. Last week they changed score to 12 then my internal relay Domain gets Spams.
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 375 total points
ID: 39196423
Do your MX records point at the ISP?
If so, is your firewall locked down to only accept SMTP traffic from the ISP?

You need to look at the headers of the spam messages to see if they came via the ISP. If they did then you need to query with the ISP why so much is getting through.

Simon.
0
 

Author Comment

by:apollo-13
ID: 39196485
Do your MX records point at the ISP? -yes smart host SMTP we use

our isp filter spam mails before come to us. My isp says I do not Need any Exchange Server
SPAM FILTER because disturb their Server . for that reasen I did Exchange Server Spam filter deactiveded .
They says it my internal Problem if accepted Domain is internal Relay Domain.

You need to look at the headers of the spam messages to see if they came via the ISP. If they did then you need to query with the ISP why so much is getting through.
 


I looked they are from External IP. (like .ru,ca etc)
0
 

Author Comment

by:apollo-13
ID: 39196508
I have a question. This a internal relay Domain(mydomain.de) but not standard.
we use other Domain (mydomain.com)for emails.

is this spam Problem (mydomain.de) Comes from my Exchange Server or from ISP ?
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 375 total points
ID: 39199372
I don't think you understood what I asked.
If you look at the headers of the spam messages you can see what servers the messages went through. You need to verify that the messages came through the ISP.

Why do you have a domain set as an internal relay domain? Do you have another non Exchange server that the messages are delivered to?

The ISP is also talking rubbish about the Exchange filters interferring with their own. Most of the Exchange filters are content based so will take place after delivery. Almost certainly they don't want your server bouncing email back to them, via recipeint fitlering, SPF record, blacklist lookup etc, because they cannot cope with it or it will look like their solution isn't working as well as should.

Simon.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now