Re: IIS SMTP relay spam problem
- From: "Al Mulnick" <amulnick_No_SPAM@xxxxxxxxxxx>
- Date: Tue, 20 Jun 2006 21:06:38 -0400
Investigate an anti-spam solution such as SpamAssassin or a commercial
product and consider moving your mailer to something other than a DC.
Otherwise, I'd say you may want to up the schedule you use for the badmail
folder or consider just not keeping badmail at all.
"Shane" <Shane@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B157CF03-CFB2-4370-865D-BEBF6A8630ED@xxxxxxxxxxxxxxxx
I've been getting the same problem.
In my situation the Domain Controller is the SMTP server and the badmail
folder was on the system's partition. The whole shebang came to a grinding
halt a couple of days ago.
With a little ferreting I found that my badmail folder was enormous.
Right click properties..... waited 2.5 hours until I cancelled, at which
stage it was over a million files and several gigabytes. Too big to delete
with Windows. So I made a new folder Badmail2 and redirected. At DOS prompt
deleted Badmail\*.* which I might add took 12 hours. I then moved the
Badmail folder to its own partition.
I am still being spammed at the rate of between 200 and 4000 an hour. The
badmails are all NDRs.
The original emails usually have no subject or content, although in one
set I appear to have been sent the entire LORD OF THE RINGS in 1K blocks.
And the addresses, well, arnoldschwezzernagger@........ etc.
I've set the retry interval to 1 - 2 - 3 minutes and time to live at 3
minutes just to get the queue to a reasonable level and delete the badmail
twice daily.
By the way, the server is on the other side of a firewall router with only
ports 25 and 100 open.
Anything else I can do?
"HostMasterX" wrote:
Weeeell, I notice that removing the NDR from the Queue folder did not
take it permanently out of the queue! What I did do today though, is stop
the Web Publishing service, stop the SMTP Service and reboot, and that got
it purged.
FYI for anybody in the future.
And thank you Mr. Mulnick for your insightful reply.
"HostMasterX" wrote:
I found the NDR message in my c:\Mailroot\Queue folder and just deleted
it to cancel the sending of it. So I guess that is all that it was and my
server was not compromised to mail out spams.
Any more advice or opinions?