Re: Exchange Server 2000 relay problem.

From: Dan Kelley [MSFT] (dankel_at_online.microsoft.com)
Date: 03/01/04 

Date: Mon, 1 Mar 2004 12:52:41 -0500

Hello Ken,

These may be NDRs from spam. Right-click on the SMTP queue in question and
then select "Enumerate 100 messages", then double-click on the queues object
in question. Check the Sent From field and look at the sender address. Is
this a sender from an external domain or postmaster?

If a sender from an external domain, then you still have messages from the
open relay that have not been cleared. If this is the case and you cannot
clear these with the procedures covered in the article you referenced:

324958 HOW TO: Block Open SMTP Relaying and Clean Up Exchange Server SMTP
http://support.microsoft.com/?id=324958

... then you may want to open a case with PSS for assistance. Charges for
the call may apply.

If from postmaster@localdomain.com, then these are likely NDRs for spam
messages.

Spammers send mail to a common list of e-mail addresses, e.g. jdoe, jsmith,
etc. Per the RFCs a mail server is required to accept mail destined for it's
domain. Any messages for addresses that do not exist are returned as
non-deliverable, hence the NDRs you are likely seeing.

With Exchange 2000 or later you can disable sending NDRs, but this is not
possible with Exchange 5.5. You may also want to look into a third-party
content-filtering or anti-spam solution.

To disable NDRs on Exchange 2000 or later, from Exchange System Manager
expand the Global Settings object. Click on the Internet Message Formats
object. In the right-hand pane, double click on the Default object (or
right-click and select Properties) and select the Advanced tab. Clear the
"Allow non-delivery reports" check box, then click the Apply and OK buttons.

For more information on third-party products, please refer to the link
below:

Exchange Partners: E-Mail Content Security
http://www.microsoft.com/exchange/partners/emailcontent.asp 

-- 
Regards,
Dan Kelley
Microsoft PSS
Please do not send email directly to this alias. This alias is for newsgroup
purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights.
-----
"Ken Hathaway" <KenH@visionbsi.com> wrote in message
news:#gmcVwX$DHA.220@TK2MSFTNGP09.phx.gbl...
> I keep getting 1000000s of messages in the badmail folder on the exchange
> server. I keep deleting them but they come back. I look in the queue
folder
> for the exchange server and find a large number of messages addressed to
> other domains. I checked to make sure I have relaying diabled and even
setup
> diagnostic loggin on  the SMTP protocol to see if a validated users is
> relaying but don't get any log event's indicating it. I tested from
outside
> a confirmed that relaying is disabled. I have been using article 324958,
> along with any other articles I can find, to try and resolve this issue.
The
> server has SP3 on it. Any ideas of what the problem can be?
>
>