Exchange 2003 SMTP security or NOT

  • From: "Vadim" <vshulaev@xxxxxxxxxxxxxx>
  • To: exchangelist@xxxxxxxxxxxxx
  • Date: Thu, 28 Oct 2004 18:10:16 -0600

Hi everyone,

I have Exchange 2003 in my domain. BE clustered and one FE server both
running Exchaneg 2003 Enterprise with SP1 and all of the Hotfixes and
updates on Win 2003 servers.

It is a second time my Public IP address ended up on Black List as a
Spammer or mail-relay. Did number of tests against my server for relay and
it is all good when it comes to securing it. All of them behind PIX
firewall and it is very much closed to any SMTP other then this server.

I did come across the discussion on Microsoft site regarding this issie
and here is what got me thinking:

"Q: Exchange 2000 has been tested against relaying but still shows random
(spam) domains in the SMTP queue. Logons shown as "system" or "SMTP" is
there a compromise I can't see with normal AV Scan?
A: Check your queues to make sure that your server is not sending an NDR
to the domain from where the email originated. I have this same issue on
my server where relaying is denied. However, if someone send an email to
nosuchuser@xxxxxxxxxx, Exchange will automatically attmpt to NDR back to
the originator. This does not indicate RELAY SPAM. Just NORMAL SPAM."

This is directly from Microsoft. I disabled NDR's on that server and
hopefully this would fix my issue with being a "spamer".

Anyone had any simular issues?



Other related posts:

  • » Exchange 2003 SMTP security or NOT