Solved

Exchange server 2007  Spam

Posted on 2013-05-24
10
416 Views
Last Modified: 2013-05-29
I have a exchange server 2007.

Accepted domains:

mydomain.de --Internal Relaydomain
mydomain.com -- External Relaydomain(standard)

i got many spams Internal Relaydomain.
example:
hotelbook.mydomain.de etc

How can i block them? Pls immediantlly help !!!!!
0
Comment
Question by:apollo-13
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
10 Comments
 
LVL 12

Accepted Solution

by:
Julian123 earned 125 total points
ID: 39195685
Please enable the Exchange 2007 anti-spam features: http://technet.microsoft.com/en-us/library/bb123559(v=EXCHG.80).aspx.
0
 

Author Comment

by:apollo-13
ID: 39195693
anti-spam features for internal Relay ? which one?
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 375 total points
ID: 39195912
I would be surprised if the internal relay configuration has caused your server to be abused.
Ensure that you don't have externally secured enabled on any of the Receive Connectors.

The most likely cause is a compromised account. The windows logs might help you identify which account it is.

Enabling the antispam features isn't really going to help, although I would enable the recipient filter so that you are protected against NDR spam.

Simon.
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 

Author Comment

by:apollo-13
ID: 39196335
Enabling the antispam features isn't really going to help ---It didnt help
0
 

Author Comment

by:apollo-13
ID: 39196339
i checked "Ensure that you don't have externally secured enabled on any of the Receive Connectors.
" they were no marked
0
 

Author Comment

by:apollo-13
ID: 39196348
Normally my isp control mails from extern .They have spam filter for us. Last week they changed score to 12 then my internal relay Domain gets Spams.
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 375 total points
ID: 39196423
Do your MX records point at the ISP?
If so, is your firewall locked down to only accept SMTP traffic from the ISP?

You need to look at the headers of the spam messages to see if they came via the ISP. If they did then you need to query with the ISP why so much is getting through.

Simon.
0
 

Author Comment

by:apollo-13
ID: 39196485
Do your MX records point at the ISP? -yes smart host SMTP we use

our isp filter spam mails before come to us. My isp says I do not Need any Exchange Server
SPAM FILTER because disturb their Server . for that reasen I did Exchange Server Spam filter deactiveded .
They says it my internal Problem if accepted Domain is internal Relay Domain.

You need to look at the headers of the spam messages to see if they came via the ISP. If they did then you need to query with the ISP why so much is getting through.
 


I looked they are from External IP. (like .ru,ca etc)
0
 

Author Comment

by:apollo-13
ID: 39196508
I have a question. This a internal relay Domain(mydomain.de) but not standard.
we use other Domain (mydomain.com)for emails.

is this spam Problem (mydomain.de) Comes from my Exchange Server or from ISP ?
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 375 total points
ID: 39199372
I don't think you understood what I asked.
If you look at the headers of the spam messages you can see what servers the messages went through. You need to verify that the messages came through the ISP.

Why do you have a domain set as an internal relay domain? Do you have another non Exchange server that the messages are delivered to?

The ISP is also talking rubbish about the Exchange filters interferring with their own. Most of the Exchange filters are content based so will take place after delivery. Almost certainly they don't want your server bouncing email back to them, via recipeint fitlering, SPF record, blacklist lookup etc, because they cannot cope with it or it will look like their solution isn't working as well as should.

Simon.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question