Solved

Exchange server 2007  Spam

Posted on 2013-05-24
10
421 Views
Last Modified: 2013-05-29
I have a exchange server 2007.

Accepted domains:

mydomain.de --Internal Relaydomain
mydomain.com -- External Relaydomain(standard)

i got many spams Internal Relaydomain.
example:
hotelbook.mydomain.de etc

How can i block them? Pls immediantlly help !!!!!
0
Comment
Question by:apollo-13
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
10 Comments
 
LVL 12

Accepted Solution

by:
Julian123 earned 125 total points
ID: 39195685
Please enable the Exchange 2007 anti-spam features: http://technet.microsoft.com/en-us/library/bb123559(v=EXCHG.80).aspx.
0
 

Author Comment

by:apollo-13
ID: 39195693
anti-spam features for internal Relay ? which one?
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 375 total points
ID: 39195912
I would be surprised if the internal relay configuration has caused your server to be abused.
Ensure that you don't have externally secured enabled on any of the Receive Connectors.

The most likely cause is a compromised account. The windows logs might help you identify which account it is.

Enabling the antispam features isn't really going to help, although I would enable the recipient filter so that you are protected against NDR spam.

Simon.
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 

Author Comment

by:apollo-13
ID: 39196335
Enabling the antispam features isn't really going to help ---It didnt help
0
 

Author Comment

by:apollo-13
ID: 39196339
i checked "Ensure that you don't have externally secured enabled on any of the Receive Connectors.
" they were no marked
0
 

Author Comment

by:apollo-13
ID: 39196348
Normally my isp control mails from extern .They have spam filter for us. Last week they changed score to 12 then my internal relay Domain gets Spams.
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 375 total points
ID: 39196423
Do your MX records point at the ISP?
If so, is your firewall locked down to only accept SMTP traffic from the ISP?

You need to look at the headers of the spam messages to see if they came via the ISP. If they did then you need to query with the ISP why so much is getting through.

Simon.
0
 

Author Comment

by:apollo-13
ID: 39196485
Do your MX records point at the ISP? -yes smart host SMTP we use

our isp filter spam mails before come to us. My isp says I do not Need any Exchange Server
SPAM FILTER because disturb their Server . for that reasen I did Exchange Server Spam filter deactiveded .
They says it my internal Problem if accepted Domain is internal Relay Domain.

You need to look at the headers of the spam messages to see if they came via the ISP. If they did then you need to query with the ISP why so much is getting through.
 


I looked they are from External IP. (like .ru,ca etc)
0
 

Author Comment

by:apollo-13
ID: 39196508
I have a question. This a internal relay Domain(mydomain.de) but not standard.
we use other Domain (mydomain.com)for emails.

is this spam Problem (mydomain.de) Comes from my Exchange Server or from ISP ?
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 375 total points
ID: 39199372
I don't think you understood what I asked.
If you look at the headers of the spam messages you can see what servers the messages went through. You need to verify that the messages came through the ISP.

Why do you have a domain set as an internal relay domain? Do you have another non Exchange server that the messages are delivered to?

The ISP is also talking rubbish about the Exchange filters interferring with their own. Most of the Exchange filters are content based so will take place after delivery. Almost certainly they don't want your server bouncing email back to them, via recipeint fitlering, SPF record, blacklist lookup etc, because they cannot cope with it or it will look like their solution isn't working as well as should.

Simon.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This video discusses moving either the default database or any database to a new volume.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question