• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Still an Open relay

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2000] >> Server Security >> Still an Open relay Page: [1]
Login
Message << Older Topic   Newer Topic >>
Still an Open relay - 18.Mar.2003 3:17:00 PM   
microcrashboy

 

Posts: 63
Joined: 3.Jan.2003
From: can
Status: offline
Hi all, I checked my server with ordb.org.

It sent me an e-mail saying I was an open relay! ARGH!

I have been reading on open relay over the past few weeks, and checked all through the site on how to close an open relay and yes by default win2k is closed, but the problem is when I closed the open relay I do not get any mail inbound, but can send no problem?

My network setup:
I have 3 servers running (all win2k).
I have exchange setup on a separate machince with gfi mail essentials spam filter on. (cool program!)
I host my own mail and web. I use a dns internet company. for my webname ie www.mydomain.com.
I ahve a linksys router which port forwards to the appropriate servers ie. port 25, 110 to e-mail server.

My Exchange setup:
My internal domain (say domain.com) is different than my external (say mydomain.com). I have set the primary smpt e-mail in each e-mail account.

I have an outbound connector configured and the seting is unchecked "allow messages to be relay to theese domains" - this is the only setting I have read anywhere to set or check here for open relay issues in the connector!

I have three virtual servers running, but the main one is the one that I believe is open as the queue fills up fast when I open it up.

I have set (on the main virtual server) by default on acces -> relay button "all except the list below" with nothing in list I have also checked "allow computer which successfully authenticate to relay, regardless of the list above." I have since changed this and listed internal servers and computers, but with this setting gives me no inbound e-mail???

On the authentication tab I have checked all anonymous access, basic anthentication, and Intergrated windows aunthentication.

On connection I have checked "all except list below" there is nothing in list.

I know I am missing something here I checked the settings in the tutorials and the following:
http://www.sandqvist.pp.se/vs/
http://www.sandqvist.pp.se/smtp/
http://www.msexchange.org/tutorials/MF002.html
http://www.msexchange.org/tutorials/MF005.html
as well as many other sites
They say different methods like disabling annomounys access and other things like that.
The prolbem is it prevents POP and inbound e-mail.

I think what I need to know is how does the inbound e-mail smtp get listed? With a closed relay?

Any thoughts???
If you need more information let me know and I can add as required if I missed anything!

Thanx
Post #: 1
RE: Still an Open relay - 18.Mar.2003 4:10:00 PM   
koggen

 

Posts: 980
Joined: 31.Oct.2001
From: Göteborg - Sweden
Status: offline
Hi!

Drop me a note on johan.sandqvist@home.se and we'll see what can be done.

// Johan

(in reply to microcrashboy)
Post #: 2
RE: Still an Open relay - 19.Mar.2003 7:31:00 AM   
microcrashboy

 

Posts: 63
Joined: 3.Jan.2003
From: can
Status: offline
thanx johan will doooooooooo!

(in reply to microcrashboy)
Post #: 3
RE: Still an Open relay - 20.Mar.2003 2:46:00 AM   
microcrashboy

 

Posts: 63
Joined: 3.Jan.2003
From: can
Status: offline
I think I found the problem. I had the default smtp server running on both the web and file server. Would that cause the problem? Of spam being sent out? Well what I did was I disabled them on the safe side.

[ March 20, 2003, 02:47 AM: Message edited by: microcrashboy ]

(in reply to microcrashboy)
Post #: 4
RE: Still an Open relay - 20.Mar.2003 4:29:00 PM   
Speed

 

Posts: 8
Joined: 19.Mar.2003
From: Amsterdam
Status: offline
yes that is your problem!
you can even use ftp to sent mail trough smtp
use IISLOCKDOWN for all your IIS Servers...

(in reply to microcrashboy)
Post #: 5
RE: Still an Open relay - 23.Mar.2003 6:16:00 AM   
microcrashboy

 

Posts: 63
Joined: 3.Jan.2003
From: can
Status: offline
thanx will do that!

(in reply to microcrashboy)
Post #: 6
RE: Still an Open relay - 23.Mar.2003 4:41:00 PM   
microcrashboy

 

Posts: 63
Joined: 3.Jan.2003
From: can
Status: offline
Since I have disconnected my computer from the network and ran the IIS lockdown tool, I have found like 2500 messages waiting to be routed.

I also noticed the server, without network connectivity is very slow functioning.

I am getting the feeling like I have a virus (but I ran a virus scan with updated definitions) or like a spam bug.

Something is inside the exchange server creating the spam e-mail and trying to send it out to whomever.

In this open realya issue is there like a script or virus thing that they place on the server that gernerates/reproduces spam e-mail and sends it out ramdomly?

Thanx

(in reply to microcrashboy)
Post #: 7

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2000] >> Server Security >> Still an Open relay Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter