• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Exchange 2000 Relay Restrictions (SPAM)

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2000] >> Server Security >> Exchange 2000 Relay Restrictions (SPAM) Page: [1]
Login
Message << Older Topic   Newer Topic >>
Exchange 2000 Relay Restrictions (SPAM) - 10.Sep.2002 6:22:00 PM   
pdonisi

 

Posts: 3
Joined: 10.Sep.2002
From: Ohio
Status: offline
My server is curently being used to send SPAM. Does anyone know how I can stop the unauthorized relaying being used to send SPAM, without it blocking mail for legitimate exchange users on my server. I have followed the article written here by Mark Fugatt titled: "Understanding Relaying and Spam with Exchange 2000" However when I click on the Relay tab under the SMTP virtual server and choose "Only the list below" I stop receiving mail alltogether, even for legitimate users. I did not put anything in the "list below" Is there something I can put in the list to make this work?
Post #: 1
RE: Exchange 2000 Relay Restrictions (SPAM) - 10.Sep.2002 9:30:00 PM   
DaDougInc

 

Posts: 845
Joined: 17.May2002
From: NC
Status: offline
Configure the Default SMTP Virtual Server as such:
1) Relay - Only the List Below & Check the Allow all computers which successfully authenticate...
2) Authentication - Be sure Anonymous, Basic, and Intergrated are selected & TLS and default domain is NOT checked or filled
3) Connection Control - Set to ALL except the List Below and nothing is in the list!
4) Delivery Tab > Advanced - Be sure Masquerade Domain and Smarthost is BLANK!

Configure the Recipient Policies as such:
1) On the Default Recipient Policy Email Addresses tab, be sure that your local domain is listed their and on the properties of it, This Exchange Organization is responsible... MUST be checked!

If you have a SMTP Connector (under Connectors or Routing Groups), DELETE IT!

If this fails, then too many defaults had been changed!

(in reply to pdonisi)
Post #: 2
RE: Exchange 2000 Relay Restrictions (SPAM) - 11.Sep.2002 2:07:00 PM   
pdonisi

 

Posts: 3
Joined: 10.Sep.2002
From: Ohio
Status: offline
Thanks,
I have all of those settings exactly as you described. Except for one. When I created the domain in AD I named it domain.local. My internet name is domain.com. When I set up Exchange my email was not intially working. I had to add domain.com to the recipient policy so I could get mail. Domain.local is the one that has the checkbox for "This Exchange Organization is responsible for all mail delivery to this address." The one for domain.com has this checkbox grayed out. I don't think this has anything to do with it though.

However I thought I had everything working fine yesterday. I had all the settings correct that I had read about and I was still able to receive mail to my valid address. I tried telnetting into my domain and sending a bogus email. It said it was unable to relay for otheruser@otherdomain.com. When I put my valid email address in it give a 250 2.1.5 confirmation.
Everything looked fine. I even sent a test from ORDB.org which came back saying that relaying was not turned on.

Yesterday I had cleaned out the 10,000 files in the bad mail directory. However this morning when I checked the directory again I had 50 new messages in there!

Any ideas as to what is going on here?
Any help would be greatly appreciated. Thanks

(in reply to pdonisi)
Post #: 3
RE: Exchange 2000 Relay Restrictions (SPAM) - 18.Sep.2002 3:59:00 AM   
mfugatt

 

Posts: 479
Joined: 7.Apr.2002
From: United Kingdom
Status: offline
The BADMAIL directory is for mail that cannot be delivered into your organization and cannot be returned to the sender, in other words its junk mail, just delete the contents of the BADMAIL directory.

If your worried about spam and want to reduce it, look at MailEssentials from www.gfi.com

(in reply to pdonisi)
Post #: 4
RE: Exchange 2000 Relay Restrictions (SPAM) - 24.Sep.2002 3:29:00 AM   
pdonisi

 

Posts: 3
Joined: 10.Sep.2002
From: Ohio
Status: offline
Mark,
Thanks for your reply.
My issue is not that I am receiving SPAM it's that my server was not configured to block relaying.
I do think I have relaying turned off now because I followed the documented procedure on how to block relaying and I performed some tests to verify that it works. Also I haven't had any new messages in the bad mail directory in the last couple of weeks, since I made the change.

However I keep getting occasional messages similar to the one below. I know I am not sending these messages. So it's like relaying is still somehow on.

Your message did not reach some or all of the intended recipients.

Subject: Error goto 0
Sent: 9/23/2002 7:11 PM

The following recipient(s) could not be reached:

licencias@chs.com.mx on 9/23/2002 7:13 PM
The e-mail address could not be found. Perhaps the recipient moved to a different e-mail organization, or there was a mistake in the address. Check the address and try again.
< rly-ip04.mx.aol.com #5.1.2>

Any thoughts?

Thanks

(in reply to pdonisi)
Post #: 5
RE: Exchange 2000 Relay Restrictions (SPAM) - 26.Sep.2002 5:44:00 AM   
gr00ve

 

Posts: 5
Joined: 26.Sep.2002
From: Australia
Status: offline
Hey. I've been having major spam relaying probs on my server. I did exactly what DaDougInc specified and it seemed to work initially. But now my ISP has received more emails from Spamcop stating my server is still relaying. I ran the proxyscanner at http://www.fr2.cyberabuse.org/?page=proxyscanner and it returns I have an insecure Socks 4 server. Any ideas?? Is this something to do with say ISA server rather than exchange or...? I have only just taken over this network from another person so I haven't sifted through a lot of the junk. But I would appreciate it if anyone had any ideas. Thanks. [Frown]

(in reply to pdonisi)
Post #: 6
RE: Exchange 2000 Relay Restrictions (SPAM) - 26.Sep.2002 10:01:00 AM   
gr00ve

 

Posts: 5
Joined: 26.Sep.2002
From: Australia
Status: offline
Don't worry guys I found the whole and plugged it up. It's working smick now.

(in reply to pdonisi)
Post #: 7
RE: Exchange 2000 Relay Restrictions (SPAM) - 26.Sep.2002 10:08:00 AM   
gr00ve

 

Posts: 5
Joined: 26.Sep.2002
From: Australia
Status: offline
That was meant to be hole not whole. [Smile]

(in reply to pdonisi)
Post #: 8

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2000] >> Server Security >> Exchange 2000 Relay Restrictions (SPAM) Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter