I like this idea, and I've used it other places, and for "deferring" inbound mail for other reasons on our perimeter email security appliances. Don't know why it didn't occur earlier.
Will Exchange know that it can/has-to retry delivery once the destination is set to a good or bad destination?
Simon Butler <simon@xxxxxxxxxxxx> wrote:
In that case, why not use the "shake the tree" method (as in shake the tree and see what falls out).
Route the traffic to invalid hosts. Exchange will then queue the emails
because the host is invalid. Then view the contents of the queues. Patterns will quickly become noticeable allowing you to spot what hasn't been moved. When you know, set it back so that email flows again. Repeat to capture anything new.
Simon.
Its not as bad as all that, but you did hit some valid points. This one
unix host is responsible for one domain for a small company. The admin who left was their Notes admin and arranged maintenance for this one sendmail host. Both the Notes adn Sendmail server will be powered off in the next week or so, as soon as the user migrations to our Enterprise Exchange 2003 solution is completed. I'm looking for straggling shared mailboxes and utility email accounts that may be under the radar of the user migrations. All of these servers are several layers in from the Internet perimeter, which we DO own and control tightly.
Meanwhile, back at the (HQ) ranch, I'd like to be able to peek at what is not resolving in AD and being routed thru the SMTP connector set up to share the name space.
Frank
"Taylor, George" <GTaylor@xxxxxxxx> wrote:
Dude, you have a serious problem, so ignore looking at log trends right now, your routing is the very least of your worries. You host 185 seperate domains!!!!!! and don't have access to your Unix boxes????? Someone who quit or was terminated DOES have access????? Probably not just Unix, that user I'm sure has access to a domain admin account as well.
Number 1, buy some kneepads, cuz your gonna be on your knees begging for your customer's forgivness. Then, using whatever means needed, get back controller of your
network, (go as far as hiring a hacker to get it back for you if needed) once you have control secure it properly. That includes hiring a consultant to hack your network and show you where all the backdoors are, and believe me they are there!! Password changes policies, when an Admin leaves all accounts that have power get their passwords changed within a short period of time, we go 30 minutes.
Now that you have your network back take a look at the logs and hope to continue getting a paycheck.
George Taylor
Systems Programmer
Regional Health Inc.
Thanks, and I agree.
The easiest WOULD be to look thru the sendmail logs, IF I could get access to them. The admin of those machines left the company, and took with him passwords that would provide access. Thats why I'm looking for a "view" into the traffic via Exchange. I'm
also the Unix/Sendmail guy for the Enterprise, but not for that remote business unit that was purchased.
Frank
Jon Spriggs <jon@xxxxxxxxxxxxxx> wrote:
http://www.msexchange.org
-------------------------------------------------------I'm not hugely knowledgeable about Exchange (part of the reason I
joined this list), but from a Unix perspective, probably the easiest
thing to do would be to setup a cron job on the sendmail servers to
mail you the rotated logs on a daily basis. This should be fairly easy
to setup. I'll see if anyone suggests an exchange way of doing it
easier, and if not, I'll knock together a small script for you.
Regards,
Jon
On 1/3/07, Frank wrote:
> Our enterprise hosts 185 SMTP domains, including a few that that belong
to
> companies acquired over the past couple of years. We've implemented the
> SMTP domain namespace sharing as referenced in this kb article
> http://support.microsoft.com/kb/321721 with good success.
> My challenge is, now that we are folding these all into one centralized
> cluster, I need to be able to see what mail is still be routed out through
> the SMTP connectors to the legacy sendmail servers. The sendmail admins are
> no longer with the company, so looking at those logs will be dificult at
> best. I need to be able to see, on the Exchange 2000/2003 side, what emails
> are being routed to those downstream hosts.
>
>
> Suggestions?
> Frank Hardwick
> Enterprise Messaging
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
>
http://mail.yahoo.com
-------------------------------------------------------
List Archives: //www.freelists.org/archives/exchangelist/
MSExchange Newsletter: http://www.msexchange.org/pages/newsletter.asp
MSExchange Articles and Tutorials: http://www.msexchange.org/articles_tutorials/
MSExchange Blogs: http://blogs.msexchange.org/
-------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
-------------------------------------------------------
To unsubscribe visit http://www.msexchange.org/pages/exchangelist.asp
Report abuse to listadmin@xxxxxxxxxxxxxx
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
***Note: The information contained in this message, including any attachments, may be privileged,
confidential, and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the Sender immediately by a "reply to sender only" message and destroy all electronic or paper copies of the communication, including any attachments.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
