Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Clarifying NDRs in the SMTP Queues

Status
Not open for further replies.
hende10

hende10

MIS
Aug 22, 2002
93
US
Like previous posters here, my SMTP Queues are filled with messages and domains. These messages are all from "postmaster@mydomain.com", so can I assume this is an automated NDR, generated by our server, to a spam email address? We do receive a lot of spam, which sometimes uses multiple arbitrary users that do not exist like abc123@mydomain.com. Is the only way to prevent this to disable automatic NDRs?

Also, the SMTP current sessions lists servers/IPs that I am not familiar with, from all over the world. I have since turned on logging for the MSExchangeTransport, but have yet to find any 1708 events. Does this mean that spammers are trying to log on to my server, but are unsuccessful?

Finally, is the best solution listed here is to disable authenticated relay? If so, how will it affect remote users using OWA and VPN?

Thanks,

Hende
 
Sort by date Sort by votes
How do you send/recieve emails?

if it is via a single ISP holding an MX record for you and relaying on your behalf

disable all relay except the IP of the mail server itself and your ISP

if you send/recieve mail yourself via DNS

disable all relay except the IP of the mail server itself but allow connection for all (should be a connection tab under the Default SMTP Virtual Server, its friday, its late, an i've polished off a bottle of wine, might get the PS2 online in a mo, lol)

this should work, i emphasis 'should'

i once had a SME that were sending and recieving via DNS and it continued to have connections gathering connection time (very dodgy), i put an SMTP filter in place (had a spare 'genuine' license for Mcafee) authorised only the mail server and the filter as being able to relay and the connections stopped but email continued come in and go out.

basically, a geniune connection or queue should be too quick for you to see in the SM unless you pause one of the queues

Gurner

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
3K
DrB0b
DrB0b
microsGuy16
  • Locked
  • Question
Global Address List Names not showing in Outlook OWA 365
Replies
0
Views
3K
microsGuy16
microsGuy16
Brent Fletcher
  • Locked
  • Question
Exchange rule to remove "✉" icon when it appears in a subject title from a supplier
Replies
0
Views
3K
Brent Fletcher
Brent Fletcher
DrB0b
  • Locked
  • Question
Moved to 365 in cloud, cannot get iPhones default mail app to connect
Replies
2
Views
3K
Priyanka_Chauhan
Priyanka_Chauhan
PatrickRoggers
  • Locked
  • Helpful tip
Safest Way to Import PST file into Exchange Online
Replies
0
Views
3K
PatrickRoggers
PatrickRoggers

Part and Inventory Search

Sponsor

Back
Top