RE: >>>>> Emergency ... Badmail directory and SMTP

  • From: "Joupin" <me@xxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Thu, 25 Sep 2003 21:45:24 +0330

Email being received to an account but not the correct name? - Yes, there are lots 
of advertisements in the queue directory, and one of the badmail messages is
==========================================================
From: postmaster@xxxxxxxxxxxx
To: 47765@xxxxxxx
Date: Tue, 23 Sep 2003 21:35:41 +0330
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
 boundary="9B095B5ADSN=_01C37DC945AA372C0002CF3Fmail.mydomain.com"
X-DSNContext: 7ce717b1 - 1184 - 00000002 - 00000000
Message-ID: GCvqQ7SzE000131b6@xxxxxxxxxxxxxxxxx
Subject: Delivery Status Notification (Failure)

This is a MIME-formatted message.  
Portions of this message may be unreadable without a MIME-capable mail program.

--9B095B5ADSN=_01C37DC945AA372C0002CF3Fmail.mydomain.com
Content-Type: text/plain; charset=unicode-1-1-utf-7

This is an automatically generated Delivery Status Notification.

Delivery to the following recipients failed.

       biggers@xxxxxxx
=========================================================

- I have tested it myself with helo, mail from, rcpt to, and ...... also 
using abuse.net
- Yes, I reviewed the log; here is the sample 
==================================
18:14:39 65.54.253.99 OutboundConnectionCommand SMTPSVC1 mail - 25 BDAT - 2811+LAST 0 0 4 0 32969 SMTP - - - -
18:14:39 64.12.138.152 OutboundConnectionResponse SMTPSVC1 mail - 25 - - 354+START+MAIL+INPUT,+END+WITH+"."+ON+A+LINE+BY+ITSELF 0 0 54 0 17859 SMTP - - - -
18:14:39 209.240.204.26 OutboundConnectionResponse SMTPSVC1 mail - 25 - - 2
==================================
- Yes, no error after restarting the service; 
also, I applied the latest patches for it


- Yeah, a problem I think    ;-))

Regards
Joupin



http://www.MSExchange.org/

  Have you bothered to check some of the messages in the badmail folder?



  Why do you have mail in the badmail folder? Exchange does not use that.



  How do you know you are not allowing relaying?



  Have you reviewed the logs?



  How can you stop and start the SMTP service without Exchange screaming with errors?



  Sounds like you might have a couple of problems.



  John Tolmachoff MCSE CSSA

  Engineer/Consultant

  eServices For You

  www.eservicesforyou.com



  -----Original Message-----
  From: Joupin [mailto:me@xxxxxxxxxx] 
  Sent: Thursday, September 25, 2003 9:26 AM
  To: [ExchangeList]
  Subject: [exchangelist] >>>>> Emergency ... Badmail directory and SMTP




  Hi
  I have a serious problem here.
  There is an Exchange Server 2000 with SP3 on a Windows 2000 (SP4) machine.
  I noticed the BadMail directory growing unexpectedly (around 500,000 badmails 
in just a week).
  Relay on the server is closed and nothing can be relayed through it, but when 
I start the SMTP service, suddenly lots of badmails flow into its directory, 
and at the same time I don't see any active current connection, and the source 
IP changes from time to time. Using a sniffer was no help!
  Please let me know


  1. Is it a kind of DoS attack or spam?
  So what can I do?

  Any fast response appreciated
  Regards
  Joupin
  www.joupin.com
   :confused: 



  ------------------------------------------------------
  List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
  Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
  Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
  ------------------------------------------------------
  Other Internet Software Marketing Sites:
  Leading Network Software Directory: http://www.serverfiles.com
  No.1 ISA Server Resource Site: http://www.isaserver.org
  Windows Security Resource Site: http://www.windowsecurity.com/
  Network Security Library: http://www.secinf.net/
  Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
  ------------------------------------------------------
  You are currently subscribed to this MSExchange.org Discussion List as: 
johnlist@xxxxxxxxxxxxxxxxxxx
  To unsubscribe send a blank email to $subst('Email.Unsub') 
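
An added example, not written by any poster in this thread, for the question of what the badmail folder actually holds: it parses DSN messages of the kind quoted above with Python's standard email package and tallies the domains the NDRs are addressed to and the recipient domains that failed. The sample message, the example.* addresses and the function names are constructed, and it assumes each DSN carries the standard message/delivery-status part, which the quoted excerpt is cut off before.

```python
import email
from collections import Counter

# Constructed sample modelled on the DSN quoted in the thread (placeholders).
SAMPLE_DSN = """\
From: postmaster@mail.example.com
To: 47765@example.net
Content-Type: multipart/report; report-type=delivery-status;
 boundary="BOUNDARY01"

--BOUNDARY01
Content-Type: text/plain; charset=us-ascii

Delivery to the following recipients failed.
       biggers@example.org
--BOUNDARY01
Content-Type: message/delivery-status

Reporting-MTA: dns;mail.example.com

Final-Recipient: rfc822;biggers@example.org
Action: failed
Status: 5.1.1

--BOUNDARY01--
"""


def summarize_dsn(raw):
    """Return (address the NDR is sent to, [(failed recipient, status)])."""
    msg = email.message_from_string(raw)
    # Each header block of message/delivery-status parses as a nested message.
    parts = [p for p in msg.walk() if p.get("Final-Recipient")]
    failed = [(p["Final-Recipient"].split(";", 1)[-1].strip().lower(),
               p.get("Status", "?").strip()) for p in parts]
    return msg.get("To", "").strip().lower(), failed


def tally(raw_messages):
    """Count NDR destination domains and failed-recipient domains."""
    ndr_to, failed_domains = Counter(), Counter()
    for raw in raw_messages:
        to, failed = summarize_dsn(raw)
        ndr_to[to.rpartition("@")[2]] += 1
        for addr, _ in failed:
            failed_domains[addr.rpartition("@")[2]] += 1
    return ndr_to, failed_domains
```

Passing tally() the text of each file sampled from the badmail folder gives two counters whose most_common() entries show where the notifications were headed and which recipient domains they failed for.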
