RE: SBS 2003 Exchange with many retry SMTP connectors.

From: Justin Crosby [MSFT] (jcrosby_at_online.microsoft.com)
Date: 07/07/04


Date: Wed, 07 Jul 2004 01:15:09 GMT

Marc,

These messages are most likely NDRs generated by your server in response to
some SPAM email. SBS 2003 by default is configured to send an NDR when a
message is sent to your server for an invalid user. Many times spammers
will send a lot of spam to your domain guessing the user name. They then
fake the return address of the email. When this happens the mail will sit
in your outbound queue for a while until eventually moving to the badmail
folder.

Best Regards,
 
Justin Crosby, MCSE
Microsoft Online Support Engineer

Get Secure! - www.microsoft.com/security
 
=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
>From: "Marc Russo" <mxrsd@hotmail.com>
>Subject: SBS 2003 Exchange with many retry SMTP connectors.
>Date: Thu, 3 Jun 2004 03:21:04 -0700
>
>I seem to get a lot of SmallBusiness SMTP Connectors that are in a "Retry"
>status. The strange thing is they are e-mails to very strange domains like
>"supermail.ru". These domains are not domains any of my 5 users would send
>to. I was told that they might be a spoofed mail from a virus, making
>itself seem like it's being sent from one of my users. Is this true and, if
>so, how do I stop it from happening? Does it use my resources and slow down
>my server?
>
>Thanks for your help.
>
>Marc Russo
>
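An added example, not part of either post: one way to check whether the stuck "Retry" messages are server-generated NDRs, as the reply suggests, or mail submitted as a local user, as the question feared. It assumes a queue snapshot in a hypothetical CSV layout (the column names, the local domain `contoso.example` and all sample rows are constructed) and that NDRs carry the null SMTP envelope sender `<>`.

```python
import csv
import io
from collections import Counter

# Constructed sample: a queue snapshot as CSV (hypothetical layout, not an
# Exchange export format). An empty envelope_sender stands for the null
# reverse-path "<>" used for delivery status notifications (NDRs).
SAMPLE_QUEUE = """envelope_sender,recipient,state
,offers@supermail.example,Retry
,win88@supermail.example,Retry
,promo@bulk-host.example,Retry
alice@contoso.example,bob@partner.example,Retry
,info@bulk-host.example,Active
"""

LOCAL_DOMAIN = "contoso.example"  # assumed local mail domain


def domain_of(address):
    """Return the lower-cased domain part of an address, or '' if none."""
    return address.rpartition("@")[2].strip().lower() if "@" in address else ""


def classify(row):
    """Label one queued message by who originated it."""
    sender = row["envelope_sender"].strip().strip("<>")
    if not sender:
        return "ndr"         # null sender: NDR generated by the server
    if domain_of(sender) == LOCAL_DOMAIN:
        return "local_user"  # submitted as one of your own users
    return "relayed"         # foreign sender: review relay restrictions


def triage(queue_csv):
    """Count messages in Retry per (label, destination domain)."""
    counts = Counter()
    for row in csv.DictReader(io.StringIO(queue_csv)):
        if row["state"].strip().lower() != "retry":
            continue
        counts[(classify(row), domain_of(row["recipient"]))] += 1
    return counts


if __name__ == "__main__":
    for (label, dest), n in sorted(triage(SAMPLE_QUEUE).items()):
        print(f"{label:10} {dest:25} {n}")
```

A queue dominated by `ndr` rows to domains no user writes to matches the backscatter pattern described in the reply; `local_user` rows to such domains would instead point at mail actually submitted under a user's address.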


