Re: Junk/Relay Mail Problems...Help!!

From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 04/12/04 

Date: Mon, 12 Apr 2004 09:51:14 -0400

If you've scanned everything and are certain your systems aren't infected,
these messages are most likely bogus - bogus in the sense that the virus
(SWEN, probably) spoofs the sender, so you're getting the NDRs because the
recipient's server thinks it's from you. I notice that your e-mail address
isn't 'munged' in your OE news account settings - SWEN harvests e-mail
addresses from usenet and sends out as those addresses, so I suggest you
munge when you post - see http://www.mailmsg.com/SPAM_munging.htm for some
help.

Regarding relay - E2k out of the box is not an open relay, and relay is
unlikely to be related to this problem anyway, but note that authenticated
relay can be a problem if you don't have complex passwords, regular password
changes, haven't renamed default accounts, etc...I'd recommend disabling it
if you don't absolutely need it. See
http://www.vamsoft.com/orf/authattack.asp for more info on this.

Mohammed Alli wrote:
> I keep receiving junk mails, like the one below, everyday. The
> majority though, are from Microsoft Security Update. Can someone
> help me figure out whats going on. I am running Exchange
> 2000/Windows 2000 Server and I have Trend Officescan/Trend Server
> Protect in place. I also have a Watchguard Firebox 2 in place. I
> know that I had a couple instances of MY_DOOM in a few mailboxes, but
> I've cleaned those, using a trial version of Trend Scanmail.
>
> The mail below I think is being relayed through my exchange server,
> correct me if I'm wrong.
> From: Inet Message System [mailerengine@yahoo.com]
>
> This is the qmail program
>
> I'm sorry I wasn't able to deliver your message to one or more
> destinations.
>
> Undelivered mail to ojkzqh@yahoo.com
>
>
> Below are a list of subjects that most of these mails come with
> New Net Security Update
> Current Network Critical Patch
> Latest Microsoft Security Pack
> Newest Security Pack
> Bug Advice
> New Microsoft Pack
> Failure Notice
> Current Network Critical Update
>
> Any suggestions would be greatly appreciated.

Relevant Pages

  • Re: SMTP Open relay
    ... > I see what you are saying and indeed the mails never go anywhere. ... > as It should only relay for authenticated users as I have it set up. ... > address and that the ORDB tests are trying to exploit some kind of SMTP ... a **non-existing** email, IIS SMTP service accepts the relay, but POP3 says, ...
    (microsoft.public.inetserver.iis.smtp_nntp)
  • Re: SMTP Relay Problem
    ... Do I need to specify my ISP's lan IP range. ... I am getting error while using SMTP Relay, ... When we configured 'SMTP Virtual Server' Relay as 'All except the list ... we could able to send and receive mails from ...
    (microsoft.public.inetserver.iis.security)
  • Re: SMTP Relay Problem
    ... i recommend turning off authentication and then setting the relay settings ... I am getting error while using SMTP Relay, ... we could able to send and receive mails from our ... Outlook client to gmail/yahoo..... ...
    (microsoft.public.inetserver.iis.security)
  • Junk/Relay Mail Problems...Help!!
    ... I keep receiving junk mails, like the one below, everyday. ... New Net Security Update ... Latest Microsoft Security Pack ...
    (microsoft.public.exchange.admin)
  • Re: Mail Scenerio SBS2003..Input please...
    ... But my ISP allows me to use its relay for sending mails ... > Does the mailhop relay take care of the "reverse DNS" issues..? ... >> What you need is to look at Dynamic DNS service providers. ...
    (microsoft.public.windows.server.sbs)
Loading