[ExchangeList] Re: Sharing SMTP namespace

  • From: "Simon Butler" <simon@xxxxxxxxxxxx>
  • To: <exchangelist@xxxxxxxxxxxxx>
  • Date: Wed, 3 Jan 2007 18:06:09 -0000

In that case, why not use the "shake the tree" method (as in shake the
tree and see what falls out). 
Route the traffic to invalid hosts. Exchange will then queue the emails
because the host is invalid. Then view the contents of the queues.
Patterns will quickly become noticeable allowing you to spot what hasn't
been moved. When you know, set it back so that email flows again. Repeat
to capture anything new. 


From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Frank
Sent: 03 January 2007 17:56
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: Sharing SMTP namespace

Its not as bad as all that, but you did hit some valid points.  This one
unix host is responsible for one domain for a small company.  The admin
who left was their Notes admin and arranged maintenance for this one
sendmail host. Both the Notes adn Sendmail server will be powered off in
the next week or so, as soon as the user migrations to our Enterprise
Exchange 2003 solution is completed.  I'm looking for straggling shared
mailboxes and utility email accounts that may be under the radar of the
user migrations.  All of these servers are several layers in from the
Internet perimeter, which we DO own and control tightly.  
Meanwhile, back at the (HQ) ranch, I'd like to be able to peek at what
is not resolving in AD and being routed thru the SMTP connector set up
to share the name space.

"Taylor, George" <GTaylor@xxxxxxxx> wrote:

        Dude, you have a serious problem, so ignore looking at log
trends right now, your routing is the very least of your worries.  You
host 185 seperate domains!!!!!! and don't have access to your Unix
boxes?????  Someone who quit or was terminated DOES have access?????
Probably not just Unix, that user I'm sure has access to a domain admin
account as well.  
        Number 1, buy some kneepads, cuz your gonna be on your knees
begging for your customer's forgivness.  Then, using whatever means
needed, get back controller of your network, (go as far as hiring a
hacker to get it back for you if needed) once you have control secure it
properly.  That includes hiring a consultant to hack your network and
show you where all the backdoors are, and believe me they are there!!
Password changes policies, when an Admin leaves all accounts that have
power get their passwords changed within a short period of time, we go
30 minutes.
        Now that you have your network back take a look at the logs and
hope to continue getting a paycheck.
        George Taylor
        Systems Programmer
        Regional Health Inc.


        From: Frank [mailto:fhardwic@xxxxxxxxx] 
        Sent: Wednesday, January 03, 2007 8:03 AM
        To: exchangelist@xxxxxxxxxxxxx
        Subject: [ExchangeList] Re: Sharing SMTP namespace
        Thanks, and I agree.
        The easiest WOULD be to look thru the sendmail logs, IF I could
get access to them.  The admin of those machines left the company, and
took with him passwords that would provide access.  Thats why I'm
looking for a "view" into the traffic via Exchange.  I'm also the
Unix/Sendmail guy for the Enterprise, but not for that remote business
unit that was purchased.
        Jon Spriggs <jon@xxxxxxxxxxxxxx> wrote:

-------------------------------------------------------I'm not hugely
knowledgeable about Exchange (part of the reason I
                joined this list), but from a Unix perspective, probably
the easiest
                thing to do would be to setup a cron job on the sendmail
servers to
                mail you the rotated logs on a daily basis. This should
be fairly easy
                to setup. I'll see if anyone suggests an exchange way of
doing it
                easier, and if not, I'll knock together a small script
for you.
                On 1/3/07, Frank wrote:
                > Our enterprise hosts 185 SMTP domains, including a few
that that belong to
                > companies acquired over the past couple of years.
We've implemented the
                > SMTP domain namespace sharing as referenced in this kb
                > http://support.microsoft.com/kb/321721 with good
                > My challenge is, now that we are folding these all
into one centralized
                > cluster, I need to be able to see what mail is still
be routed out through
                > the SMTP connectors to the legacy sendmail servers.
The sendmail admins are
                > no longer with the company, so looking at those logs
will be dificult at
                > best. I need to be able to see, on the Exchange
2000/2003 side, what emails
                > are being routed to those downstream hosts.
                > Suggestions?
                > Frank Hardwick
                > Enterprise Messaging
                > __________________________________________________
                > Do You Yahoo!?
                > Tired of spam? Yahoo! Mail has the best spam
protection around
                > http://mail.yahoo.com
                List Archives:
                MSExchange Newsletter:
                MSExchange Articles and Tutorials:
                MSExchange Blogs: http://blogs.msexchange.org/ 
                Visit TechGenix.com for more information about our other
                To unsubscribe visit
                Report abuse to listadmin@xxxxxxxxxxxxxx 

        Do You Yahoo!?
        Tired of spam? Yahoo! Mail has the best spam protection around 
        ***Note: The information contained in this message, including
any attachments, may be privileged, confidential, and protected from
disclosure. If the reader of this message is not the intended recipient,
or an employee or agent responsible for delivering this message to the
intended recipient, you are hereby notified that any dissemination,
distribution or copying of this communication is strictly prohibited. If
you have received this communication in error, please notify the Sender
immediately by a "reply to sender only" message and destroy all
electronic or paper copies of the communication, including any

Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around 

Other related posts: