Re: HELP - can't figure out this violation!
From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 10/08/04
- Next message: Matt Nowell: "LDAP Properties on Exchange 2003 Server"
- Previous message: Lanwench [MVP - Exchange]: "Re: User modifying personal info in pab within outlook"
- In reply to: Bob Britton: "HELP - can't figure out this violation!"
- Next in thread: Bob Britton: "Re: HELP - can't figure out this violation!"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 8 Oct 2004 10:25:54 -0400
Bob Britton wrote:
> I'm desperate for help.
>
> We just did an exchange 2003 email install with internet connectivity
> (SMTP mail).
>
> I just noticed that there are several hundred thousand reports of
> badmail.
You should keep this cleaned out - either via a simple batch file that
deletes the contents daily (scheduled tasks), a script, or via SP1 for
E2003.
>
> I stopped the smtp service, cleaned out the queue, pickup, and
> badmail (del *.* in all).
>
> Then, I re-enabled outbound (SMTP).
>
> the queue quickly fills up and grows from just a couple of delivery
> queues for internet destinations to several hundred queues with a
> couple hundred mails in each.
>
> If i try and 'find message' and view the properties on one of them,
> they all say 'message from postmaster@mydomain.local'
That's just your server sending NDRs - or trying to.
>
> I went through the email settings for relay and it's definitely
> turned off.
This wouldn't be a relay issue, but make sure you have authenticated relay
disabled unless absolutely necessary (and if you need it, make sure you have
a very good complex password policy & forced changes, and Guest is not
enabled)
>
> help! I can't figure out who's dumping all these message on my box!
You're getting a lot of attempted spam, most likely. Try and head it off at
the pass with antispam software/IMF/whatnot.
>
> Also, I have a whopping (2) client PCs on my network. each runs norton
> antivirus.
>
> how do i track down who's dumping these messages in my exchange box!
Nobody's dumping them there - most likely your server is trying to send NDRs
to spammers, and the NDRs aren't deliverable, and they go to badmail. If
you're getting a lot of attempted spam, you need to keep the stuff coming in
the first place.
>
> could some one also verify that they can't relay
You can do a simple lookup yourself at www.dnsreport.com
>
> my ip is 66.202.22.51
>
> thanks! HELP I'm dyin here!
- Next message: Matt Nowell: "LDAP Properties on Exchange 2003 Server"
- Previous message: Lanwench [MVP - Exchange]: "Re: User modifying personal info in pab within outlook"
- In reply to: Bob Britton: "HELP - can't figure out this violation!"
- Next in thread: Bob Britton: "Re: HELP - can't figure out this violation!"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
