RE: relay question

  • From: "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
  • To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
  • Date: Thu, 9 Oct 2003 07:31:52 -0700

Testing relay by telneting does not always tell the whole story.


Is there any software that is severing as a gateway? (AV software)


Is there a user whose password could have become compromised?


Is there any relaying allowed by IP address?


Could the % hack been used? (A to address like
<> ) Some mail servers
(I am not sure about Exchange) will see that, receive it, and then send it
to remoteuser@xxxxxxxxxxxxxxxxx 


Have you checked the logs for how those messages were received?


Is message tracking turned on?


John Tolmachoff MCSE CSSA


eServices For You


-----Original Message-----
From: Mike Pfeiffer [mailto:mike@xxxxxxxxxxx] 
Sent: Wednesday, October 08, 2003 12:28 PM
To: [ExchangeList]
Subject: [exchangelist] relay question

I just came across an Exchange 2000 server at a customer site that has
hundreds of messages in the outbound queue. The server is not currently an
open relay (tested using the telnet method) but all of the messages are from
addresses from outside domains to users in outside domains. Why would these
messages get put in remote delivery queue if the server doesn't allow
unknown users to relay mail?


Thanks for any help

List Archives:
Exchange Newsletters:
Exchange FAQ:
Other Internet Software Marketing Sites:
Leading Network Software Directory:
No.1 ISA Server Resource Site:
Windows Security Resource Site:
Network Security Library:
Windows 2000/NT Fax Solutions:
You are currently subscribed to this Discussion List as:
To unsubscribe send a blank email to

Other related posts: