[ExchangeList] Re: Sharing SMTP namespace

  • From: "Taylor, George" <GTaylor@xxxxxxxx>
  • To: <exchangelist@xxxxxxxxxxxxx>
  • Date: Wed, 3 Jan 2007 11:16:31 -0700

Well, I've actually never looked into logging for a connector, but it
may be there.  One of our phone guys (actually a girl) had a method
named after her that could help, called the <her name> line tracing
method, unplug it and see who calls.....
 
Also, is your Exchange connector the ONLY route out of your org?  If not
then logs from your connector are less likely to give you any valid
information, you may have many apps/servers/whatever that point directly
to port 25 on other boxes....
 
George Taylor
Systems Programmer
Regional Health Inc.
 

  _____  

From: Frank [mailto:fhardwic@xxxxxxxxx] 
Sent: Wednesday, January 03, 2007 10:56 AM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: Sharing SMTP namespace


Its not as bad as all that, but you did hit some valid points.  This one
unix host is responsible for one domain for a small company.  The admin
who left was their Notes admin and arranged maintenance for this one
sendmail host. Both the Notes adn Sendmail server will be powered off in
the next week or so, as soon as the user migrations to our Enterprise
Exchange 2003 solution is completed.  I'm looking for straggling shared
mailboxes and utility email accounts that may be under the radar of the
user migrations.  All of these servers are several layers in from the
Internet perimeter, which we DO own and control tightly.  
 
Meanwhile, back at the (HQ) ranch, I'd like to be able to peek at what
is not resolving in AD and being routed thru the SMTP connector set up
to share the name space.
 
 
Frank

"Taylor, George" <GTaylor@xxxxxxxx> wrote:

        Dude, you have a serious problem, so ignore looking at log
trends right now, your routing is the very least of your worries.  You
host 185 seperate domains!!!!!! and don't have access to your Unix
boxes?????  Someone who quit or was terminated DOES have access?????
Probably not just Unix, that user I'm sure has access to a domain admin
account as well.  
         
        Number 1, buy some kneepads, cuz your gonna be on your knees
begging for your customer's forgivness.  Then, using whatever means
needed, get back controller of your network, (go as far as hiring a
hacker to get it back for you if needed) once you have control secure it
properly.  That includes hiring a consultant to hack your network and
show you where all the backdoors are, and believe me they are there!!
Password changes policies, when an Admin leaves all accounts that have
power get their passwords changed within a short period of time, we go
30 minutes.
         
        Now that you have your network back take a look at the logs and
hope to continue getting a paycheck.
         
        George Taylor
        Systems Programmer
        Regional Health Inc.

  _____  

        From: Frank [mailto:fhardwic@xxxxxxxxx] 
        Sent: Wednesday, January 03, 2007 8:03 AM
        To: exchangelist@xxxxxxxxxxxxx
        Subject: [ExchangeList] Re: Sharing SMTP namespace
        
        
        Thanks, and I agree.
         
        The easiest WOULD be to look thru the sendmail logs, IF I could
get access to them.  The admin of those machines left the company, and
took with him passwords that would provide access.  Thats why I'm
looking for a "view" into the traffic via Exchange.  I'm also the
Unix/Sendmail guy for the Enterprise, but not for that remote business
unit that was purchased.
         
        Frank
        
        Jon Spriggs <jon@xxxxxxxxxxxxxx> wrote:

                http://www.msexchange.org
        
-------------------------------------------------------I'm not hugely
knowledgeable about Exchange (part of the reason I
                joined this list), but from a Unix perspective, probably
the easiest
                thing to do would be to setup a cron job on the sendmail
servers to
                mail you the rotated logs on a daily basis. This should
be fairly easy
                to setup. I'll see if anyone suggests an exchange way of
doing it
                easier, and if not, I'll knock together a small script
for you.
                
                Regards,
                
                Jon
                
                On 1/3/07, Frank wrote:
                > Our enterprise hosts 185 SMTP domains, including a few
that that belong to
                > companies acquired over the past couple of years.
We've implemented the
                > SMTP domain namespace sharing as referenced in this kb
article
                > http://support.microsoft.com/kb/321721 with good
success.
                > My challenge is, now that we are folding these all
into one centralized
                > cluster, I need to be able to see what mail is still
be routed out through
                > the SMTP connectors to the legacy sendmail servers.
The sendmail admins are
                > no longer with the company, so looking at those logs
will be dificult at
                > best. I need to be able to see, on the Exchange
2000/2003 side, what emails
                > are being routed to those downstream hosts.
                >
                >
                > Suggestions?
                > Frank Hardwick
                > Enterprise Messaging
                >
                >
                >
                > __________________________________________________
                > Do You Yahoo!?
                > Tired of spam? Yahoo! Mail has the best spam
protection around
                > http://mail.yahoo.com
                -------------------------------------------------------
                List Archives:
http://www.freelists.org/archives/exchangelist/ 
                MSExchange Newsletter:
http://www.msexchange.org/pages/newsletter.asp 
                MSExchange Articles and Tutorials:
http://www.msexchange.org/articles_tutorials/ 
                MSExchange Blogs: http://blogs.msexchange.org/ 
                -------------------------------------------------------
                Visit TechGenix.com for more information about our other
sites:
                http://www.techgenix.com 
                -------------------------------------------------------
                To unsubscribe visit
http://www.msexchange.org/pages/exchangelist.asp
                Report abuse to listadmin@xxxxxxxxxxxxxx 
                
                


        __________________________________________________
        Do You Yahoo!?
        Tired of spam? Yahoo! Mail has the best spam protection around 
        http://mail.yahoo.com 
        ***Note: The information contained in this message, including
any attachments, may be privileged, confidential, and protected from
disclosure. If the reader of this message is not the intended recipient,
or an employee or agent responsible for delivering this message to the
intended recipient, you are hereby notified that any dissemination,
distribution or copying of this communication is strictly prohibited. If
you have received this communication in error, please notify the Sender
immediately by a "reply to sender only" message and destroy all
electronic or paper copies of the communication, including any
attachments.
        


__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

***Note: The information contained in this message, including any attachments, 
may be privileged, confidential, and protected from disclosure. If the reader 
of this message is not the intended recipient, or an employee or agent 
responsible for delivering this message to the intended recipient, you are 
hereby notified that any dissemination, distribution or copying of this 
communication is strictly prohibited. If you have received this communication 
in error, please notify the Sender immediately by a "reply to sender only" 
message and destroy all electronic or paper copies of the communication, 
including any attachments.

Other related posts: