Re: exchange spamming

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 10/13/04

• Next message: LP: "expiring passwords for only for a a single OU not the hole domain"
• Previous message: Lanwench [MVP - Exchange]: "Re: Personal Folders vs. Outlook Folders"
• In reply to: obed: "exchange spamming"
• Messages sorted by: [ date ] [ thread ]

---

Date: Wed, 13 Oct 2004 09:59:03 -0400

obed wrote:
> I Have a my mail server running exchange 2003 on windows 2000 server
> and i have got around 1lakh of emails in queue

Who are they from?

> and when ever i try to
> delete it from queue i get deleted and again start building up and my
> mail server gets slow down
> Please help me out and let me know weather do i need to install some
> spamming software for my mail server.
> Thanks in advance.

You might, if you're receiving a lot of spam. If your server is being kept
very busy trying to send NDRs to spammers who sent to invalid addresses on
your domain, and/or you're getting a lot of spam actually delivered, look
into antispam software.

If the messages in the queues aren't from postmaster (<>), but are from
domains not hosted on your Exchange server, you may be being used as a
relay. E2k/2003 out of the box don't permit open relay, but authenticated
relay is permitted by default.

See http://www.vamsoft.com/orf/authattack.asp

If you don't have strong/complex password policies enabled, force regular
password changes, have enabled guest, etc., someone may exploit
authenticated relay. If you don't need authenticated relay, disable it. You
can always have any external POP users use their own ISP's SMTP server for
outbound mail anyway.

See http://www.msexchange.org/tutorials/MF005.html for a good overview of
relaying and spam.

---

• Next message: LP: "expiring passwords for only for a a single OU not the hole domain"
• Previous message: Lanwench [MVP - Exchange]: "Re: Personal Folders vs. Outlook Folders"
• In reply to: obed: "exchange spamming"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: Joe Jobbing? ... be /nothing/ in the allow relay box. ... successfully authenticate" should /not/ be checked on your server. ... in the "Configure the Exchange Server to Block Open SMTP Relaying" ... > There are internal queues within Exchange that aren't visible to the queue ... (microsoft.public.exchange2000.admin) Re: Help SBS2003 acting as relay ... If KB324958 testing shows no relay, ... I suspect that they move from target server to target server in order to ... That tip Ace for clearing the queue was excellent. ... Connector Scope - Entire Organization ... (microsoft.public.windows.server.sbs) Re: SMTP Queue ... What I do is to use the web-based SMTP tool at www.zoneedit.com/smtp.html ... then the server is an "open relay". ... >>Exchange will automatically delete these from the queue ... (microsoft.public.exchange.admin) Re: Help SBS2003 acting as relay ... passwords including the SBS server administrator and the router. ... Queue still growing with no workstations connected. ... Relay restrictions are ... Connector Scope - Entire Organization ... (microsoft.public.windows.server.sbs) Re: Spoofed? ... network, and yet it has Internet ... it doesn't sound like it's a problem with the Exchange server. ... have enabled guest, etc., someone may exploit authenticated relay. ... (microsoft.public.exchange.admin)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Exchange  > microsoft.public.exchange.admin  > 2004-10