Re: Excessive reverse lookups.
From: Alan Sun [MSFT] (v-asun_at_online.microsoft.com)
Date: 09/15/04
- Next message: Rick Newton: "Re: Mail Delivery"
- Previous message: Anthony Edwards: "Re: Blacklisted on MAPS RSS HELP!!!"
- In reply to: jim: "Re: Excessive reverse lookups."
- Next in thread: Yor Suiris: "Re: Excessive reverse lookups."
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 15 Sep 2004 09:12:45 GMT
Hi Jim,
Thanks for your posting back.
I have read your intial post, and I understand that your Exchange server
has sent lots of Reverse DNS lookup requests, which has harmmered your
ISP's DNS server.
I suggest you first check if you have enbled the "Perform Reverse DNS
Lookup for Incoming Messages" option. If so, I suggest you disable it, as
this option in Exchange doesn't prevent Spam.
In addition, you look into the following article for more informaiton about
how to prevent spam:
319356.KB.EN-US HOW TO: Prevent Unsolicited Commercial E-Mail in Exchange
2000 Server
http://support.microsoft.com/default.aspx?scid=KB;EN-US;319356
Please feel free to let me know if you have any other concerns. Thanks and
have a nice day!
Thanks & Regards
Alan Sun
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
|From: "jim" <jim@NOSPAM.com>
|References: <eB4OcpzlEHA.1644@tk2msftngp13.phx.gbl>
<5yRunNWmEHA.3608@cpmsftngxa10.phx.gbl>
<#RIM0DZmEHA.2764@TK2MSFTNGP11.phx.gbl>
<icun26jmEHA.3212@cpmsftngxa06.phx.gbl>
|Subject: Re: Excessive reverse lookups.
|Date: Tue, 14 Sep 2004 09:59:11 -0400
|Lines: 208
|X-Priority: 3
|X-MSMail-Priority: Normal
|X-Newsreader: Microsoft Outlook Express 6.00.2800.1437
|X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
|Message-ID: <OijtEMmmEHA.2880@TK2MSFTNGP14.phx.gbl>
|Newsgroups: microsoft.public.exchange2000.admin
|NNTP-Posting-Host: pat.axcelis.com 12.146.8.100
|Path:
cpmsftngxa06.phx.gbl!TK2MSFTNGXA03.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA0
1.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP14.phx.gbl
|Xref: cpmsftngxa06.phx.gbl microsoft.public.exchange2000.admin:111514
|X-Tomcat-NG: microsoft.public.exchange2000.admin
|
|You can start by reading my original post and resist the urge to
respond
|with a pre-canned answer.
|
|
|"Alan Sun [MSFT]" <v-asun@online.microsoft.com> wrote in message
|news:icun26jmEHA.3212@cpmsftngxa06.phx.gbl...
|> Hi Jim,
|>
|> Thanks for your posting back.
|>
|> It seems that I have misunderstood your concerns, so pleease
describe your
|> problem in more details so that we can provide further help.
|>
|> I am waiting for your update.
|>
|> Thanks & Regards
|> Alan Sun
|> Microsoft Online Partner Support
|>
|> Get Secure! - www.microsoft.com/security
|> =====================================================
|> When responding to posts, please "Reply to Group" via your
newsreader so
|> that others may learn and benefit from your issue.
|> =====================================================
|>
|> This posting is provided "AS IS" with no warranties, and confers no
|rights.
|>
|>
|>
|> --------------------
|> |From: "jim" <jim@NOSPAM.com>
|> |References: <eB4OcpzlEHA.1644@tk2msftngp13.phx.gbl>
|> <5yRunNWmEHA.3608@cpmsftngxa10.phx.gbl>
|> |Subject: Re: Excessive reverse lookups.
|> |Date: Mon, 13 Sep 2004 08:55:30 -0400
|> |Lines: 125
|> |X-Priority: 3
|> |X-MSMail-Priority: Normal
|> |X-Newsreader: Microsoft Outlook Express 6.00.2800.1437
|> |X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
|> |Message-ID: <#RIM0DZmEHA.2764@TK2MSFTNGP11.phx.gbl>
|> |Newsgroups: microsoft.public.exchange2000.admin
|> |NNTP-Posting-Host: pat.axcelis.com 12.146.8.100
|> |Path:
|>
|cpmsftngxa10.phx.gbl!TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP
0
|> 8.phx.gbl!TK2MSFTNGP11.phx.gbl
|> |Xref: cpmsftngxa10.phx.gbl
|microsoft.public.exchange2000.admin:111277
|> |X-Tomcat-NG: microsoft.public.exchange2000.admin
|> |
|> |You didn't even read my posting, did you?
|> |
|> |
|> |"Alan Sun [MSFT]" <v-asun@online.microsoft.com> wrote in
message
|> |news:5yRunNWmEHA.3608@cpmsftngxa10.phx.gbl...
|> |> Hello Jim,
|> |>
|> |> Thanks for your posting here.
|> |>
|> |> According to your situation, I suggest you first check the
Reverse
|> DNS
|> |> Lookup option on Exchange server. The "Perform Reverse DNS
Lookup
|> for
|> |> Incoming Messages" option is located on the "Default
Virtual SMTP
|> Server
|> |> Properties" dialog box: On the Delivery tab, click Advanced.
|> |>
|> |> More info here:
|> |> 297412 The "Perform Reverse DNS Lookup for Incoming
Messages"
|> Option Is
|> |for
|> |> http://support.microsoft.com/?id=297412
|> |>
|> |> To prevent spam, you can use the following methods
|> |>
|> |> -- Prevent Relaying
|> |> -- Configure IP Address Restrictions
|> |> -- Implement Authentication
|> |> -- Set Message Limits
|> |> -- Use Reverse DNS Lookup
|> |> -- Configure the SMTP Connector
|> |>
|> |> For more information, look into the instructions in the
following
|> |document:
|> |> 319356.KB.EN-US HOW TO: Prevent Unsolicited Commercial
E-Mail in
|> Exchange
|> |> 2000 Server
|> |>
http://support.microsoft.com/default.aspx?scid=KB;EN-US;319356
|> |>
|> |> In addition, there are some third-party tools which provide
this
|> kind of
|> |> function. You can look into the following link:
|> |>
|> |> http://www.slipstick.com/addins/content_control.htm
|> |>
|> |> ============
|> |> Warning: This response contains a reference to a third
party World
|> Wide
|> |Web
|> |> site. Microsoft is providing this information as a
convenience to
|> you.
|> |> Microsoft does not control these sites and has not tested
any
|> software or
|> |> information found on these sites; therefore, Microsoft
cannot make
|> any
|> |> representations regarding the quality, safety, or
suitability of
|any
|> |> software or information found there. There are inherent
dangers in
|> the use
|> |> of any software found on the Internet, and Microsoft
cautions you
|> to make
|> |> sure that you completely understand the risk before
retrieving any
|> |software
|> |> from the Internet.
|> |> ============
|> |>
|> |> Hope this helps! If you need further help or have other
concerns,
|> just
|> |post
|> |> back to let me know. Thanks and have a nice day!
|> |>
|> |> Thanks & Regards
|> |> Alan Sun
|> |> Microsoft Online Partner Support
|> |>
|> |> Get Secure! - www.microsoft.com/security
|> |> =====================================================
|> |> When responding to posts, please "Reply to Group" via your
|> newsreader so
|> |> that others may learn and benefit from your issue.
|> |> =====================================================
|> |>
|> |> This posting is provided "AS IS" with no warranties, and
confers
|no
|> |rights.
|> |>
|> |>
|> |>
|> |> --------------------
|> |> |From: "jim" <jim@NOSPAM.com>
|> |> |Subject: Excessive reverse lookups.
|> |> |Date: Fri, 10 Sep 2004 09:30:36 -0400
|> |> |Lines: 19
|> |> |X-Priority: 3
|> |> |X-MSMail-Priority: Normal
|> |> |X-Newsreader: Microsoft Outlook Express 6.00.2800.1437
|> |> |X-MimeOLE: Produced By Microsoft MimeOLE
V6.00.2800.1441
|> |> |Message-ID: <eB4OcpzlEHA.1644@tk2msftngp13.phx.gbl>
|> |> |Newsgroups: microsoft.public.exchange2000.admin
|> |> |NNTP-Posting-Host: pat.axcelis.com 12.146.8.100
|> |> |Path:
|> |>
|>
|>
||cpmsftngxa10.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp
1
|> 3
|> |> phx.gbl
|> |> |Xref: cpmsftngxa10.phx.gbl
|> |microsoft.public.exchange2000.admin:111202
|> |> |X-Tomcat-NG: microsoft.public.exchange2000.admin
|> |> |
|> |> |We've been warned by our ISP that our two SMTP
gateways are
|> |> performing an
|> |> |excessive amount of reverse lookups and hammering
their dns
|> servers.
|> |> We
|> |> |DON'T have that feature turned on in the virtual smtp
server
|> |> properties
|> |> |(deliver > advanced > configure..). The only thing i
see on
|> our
|> |side
|> |> are
|> |> |all the bounced spam messages sitting in our queues
|> undeliverable.
|> |> It seems
|> |> |like we get a huge volume of spam (far more spam than
|> legitimate),
|> |> but i'm
|> |> |not sure that it's any higher than most other
companies. In
|> any
|> |> event,
|> |> |we're in Ex2K native mode, SP3 on all servers.
|> |> |
|> |> |Can this lookup problem be addressed without adding a
third
|> party
|> |spam
|> |> |filter? Are there any registry tweaks that can
reduce the
|> volume of
|> |> |lookups? We have relaying turned off. We try to
filter a
|> fair
|> |> number of
|> |> |subnets using spamhaus as a reference...
|> |> |
|> |> |Any advice/help is appreciated.
|> |> |
|> |> |
|> |> |
|> |> |
|> |> |
|> |>
|> |
|> |
|> |
|>
|
|
|
- Next message: Rick Newton: "Re: Mail Delivery"
- Previous message: Anthony Edwards: "Re: Blacklisted on MAPS RSS HELP!!!"
- In reply to: jim: "Re: Excessive reverse lookups."
- Next in thread: Yor Suiris: "Re: Excessive reverse lookups."
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
