Re: SMTP Server Remote Queue Length Alert question


It might be a better option to look at the Exchange AD filter, which when
enabled only allows incoming email to recipients who are listed in Active
Directory.

Without this filter, all email addressed to @domain.com is accepted,
regardless of whether the name (the part before the @) exists, or not. This
causes Exchange to send an NDR to the originating server, stating that no
such user exists. The vast majority of these NDRs are being attempted to
spoofed domains - they don't exist. This results in a bunch of queues, which
will all eventually time out. Given enough of these types of emails, your
server can be brought to its knees; this is known as an NDR attack.

With the AD filter activated, this can't happen - your server simply rejects
the emails. There is a caveat, you can read about it in the SBS help file,
while you're reading about how to enable AD filter. You can enable
tarpitting to mitigate the caveat.

--
Les Connor [SBS Community Member - SBS MVP]
-----------------------------------------------------------
SBS Rocks !
----------------------
"Tell me and I'll forget. Show me and I'll remember. Involve me and I'll
understand." - Confucius


"[MVP] Nick Whittome" <nickwhittome@xxxxxxxxxxx> wrote in message
news:e9GtBRexGHA.2120@xxxxxxxxxxxxxxxxxxxxxxx
You could disable NDRs on the Exchange server.


--
Nick Whittome
SBS and FS MVP


MijakiDK wrote:

Hi,

Recently, 2-4 days, I have received mails from SBS monitoring stating
"SMTP Server Remote Queue Length Alert".

When I look at the server I have 29 SMTP connections on retry.

I have various errors for the connections.

1. The remote server did not respond to a connection attempt.
2. An SMTP protocol error occurred.
3. Unable to bind to the destination server in DNS
4. No additional information available

All connections seem to be a result of spam, which btw is totally
over the top at the moment.

Any ideas on how to kill these connections?

/Kim Jahn
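
The recipient filtering described in the reply at the top of this thread can be checked from outside by offering your own server one message for a mailbox that cannot exist and looking at the RCPT TO reply. This is an added example, not code from the thread or from Microsoft; the function names, the probe sender and the `probe.invalid` hostname are assumptions.

```python
import smtplib
import uuid


def classify_rcpt_reply(code):
    """Map the SMTP reply code for RCPT TO on a nonexistent mailbox to a verdict."""
    if 500 <= code <= 599:
        return "rejects-unknown"    # refused in-session: no NDR is queued on this server
    if 200 <= code <= 299:
        return "accepts-unknown"    # accepted now, so an NDR has to be generated later
    return "inconclusive"           # e.g. a 4xx temporary failure


def probe_recipient_filter(host, domain, port=25, timeout=60,
                           mail_from="postmaster@probe.invalid"):
    """Offer one message for a mailbox that cannot exist and report the verdict.

    No DATA command is sent, so nothing is delivered or queued by this check.
    The timeout is generous because a tarpitting server answers slowly.
    """
    # Random local part: an address that should not be in any directory (constructed).
    bogus = "no-such-user-%s@%s" % (uuid.uuid4().hex[:12], domain)
    # local_hostname is passed explicitly to avoid a DNS lookup of our own name.
    with smtplib.SMTP(host, port, local_hostname="probe.invalid",
                      timeout=timeout) as smtp:
        smtp.ehlo_or_helo_if_needed()
        code, _ = smtp.mail(mail_from)
        if not 200 <= code <= 299:
            return "inconclusive"   # sender refused before the recipient was checked
        code, _ = smtp.rcpt(bogus)
        smtp.rset()                 # abandon the transaction
    return classify_rcpt_reply(code)


if __name__ == "__main__":
    import sys
    # Usage: python probe.py <your mail host> <your mail domain>
    print(probe_recipient_filter(sys.argv[1], sys.argv[2]))
```

A result of `accepts-unknown` means the server takes the message first and has to bounce it afterwards, which is what fills the remote queues with NDRs to spoofed domains.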

