?
Solved

Exchange server 2007  Spam

Posted on 2013-05-24
10
Medium Priority
?
428 Views
Last Modified: 2013-05-29
I have a exchange server 2007.

Accepted domains:

mydomain.de --Internal Relaydomain
mydomain.com -- External Relaydomain(standard)

i got many spams Internal Relaydomain.
example:
hotelbook.mydomain.de etc

How can i block them? Pls immediantlly help !!!!!
0
Comment
Question by:apollo-13
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
10 Comments
 
LVL 12

Accepted Solution

by:
Julian123 earned 500 total points
ID: 39195685
Please enable the Exchange 2007 anti-spam features: http://technet.microsoft.com/en-us/library/bb123559(v=EXCHG.80).aspx.
0
 

Author Comment

by:apollo-13
ID: 39195693
anti-spam features for internal Relay ? which one?
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 1500 total points
ID: 39195912
I would be surprised if the internal relay configuration has caused your server to be abused.
Ensure that you don't have externally secured enabled on any of the Receive Connectors.

The most likely cause is a compromised account. The windows logs might help you identify which account it is.

Enabling the antispam features isn't really going to help, although I would enable the recipient filter so that you are protected against NDR spam.

Simon.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:apollo-13
ID: 39196335
Enabling the antispam features isn't really going to help ---It didnt help
0
 

Author Comment

by:apollo-13
ID: 39196339
i checked "Ensure that you don't have externally secured enabled on any of the Receive Connectors.
" they were no marked
0
 

Author Comment

by:apollo-13
ID: 39196348
Normally my isp control mails from extern .They have spam filter for us. Last week they changed score to 12 then my internal relay Domain gets Spams.
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 1500 total points
ID: 39196423
Do your MX records point at the ISP?
If so, is your firewall locked down to only accept SMTP traffic from the ISP?

You need to look at the headers of the spam messages to see if they came via the ISP. If they did then you need to query with the ISP why so much is getting through.

Simon.
0
 

Author Comment

by:apollo-13
ID: 39196485
Do your MX records point at the ISP? -yes smart host SMTP we use

our isp filter spam mails before come to us. My isp says I do not Need any Exchange Server
SPAM FILTER because disturb their Server . for that reasen I did Exchange Server Spam filter deactiveded .
They says it my internal Problem if accepted Domain is internal Relay Domain.

You need to look at the headers of the spam messages to see if they came via the ISP. If they did then you need to query with the ISP why so much is getting through.
 


I looked they are from External IP. (like .ru,ca etc)
0
 

Author Comment

by:apollo-13
ID: 39196508
I have a question. This a internal relay Domain(mydomain.de) but not standard.
we use other Domain (mydomain.com)for emails.

is this spam Problem (mydomain.de) Comes from my Exchange Server or from ISP ?
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 1500 total points
ID: 39199372
I don't think you understood what I asked.
If you look at the headers of the spam messages you can see what servers the messages went through. You need to verify that the messages came through the ISP.

Why do you have a domain set as an internal relay domain? Do you have another non Exchange server that the messages are delivered to?

The ISP is also talking rubbish about the Exchange filters interferring with their own. Most of the Exchange filters are content based so will take place after delivery. Almost certainly they don't want your server bouncing email back to them, via recipeint fitlering, SPF record, blacklist lookup etc, because they cannot cope with it or it will look like their solution isn't working as well as should.

Simon.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses
Course of the Month9 days, 9 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question