Hello all. I have a Exchange 5.5 server, I have dis-allowed forwarding on my server, but we will get a ton of emails in my que with the orginator of <>, and the recipient is always accounts outside of my domain. How can I determine where these are coming from and stop them from bogging down my server?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Exchange 5.5 possibe spam?
- Thread starter drhixson
- Start date
mattjurado
MIS
Really sounds like that server is still open-relay.
Couple of links for you to research and double check some things:
Once you're done, you really want to make sure that your domain hasn't been flagged for spamming. You might be on several blacklists, test your domain/ip at:
ttp://
Matt
Couple of links for you to research and double check some things:
Once you're done, you really want to make sure that your domain hasn't been flagged for spamming. You might be on several blacklists, test your domain/ip at:
ttp://
Matt
This is probably NOT spam, something almost as annoying though. I would check some of the relay testing sites to verify that you don't have an open relay.
If you aren't an open relay then whats happening is some spammer is sending a message to a non existant mailbox on your system using a faked/forged return address, your system attempts to send a non delivery receipt to that faked/forged address that also doesn't exist. Exchange prevents infinite mail looping by stripping the senders address and placing a <>. If it didn't strip the address your system would keep sending ndr's back and forth, because neither address is valid. Unfortunately, unless you want to turn of the NDR's completely (not an option in my organization) there really isn't an easy solution to combatting this. Eventually these buggers just time out and get deleted anyway.
If you aren't an open relay then whats happening is some spammer is sending a message to a non existant mailbox on your system using a faked/forged return address, your system attempts to send a non delivery receipt to that faked/forged address that also doesn't exist. Exchange prevents infinite mail looping by stripping the senders address and placing a <>. If it didn't strip the address your system would keep sending ndr's back and forth, because neither address is valid. Unfortunately, unless you want to turn of the NDR's completely (not an option in my organization) there really isn't an easy solution to combatting this. Eventually these buggers just time out and get deleted anyway.
InterGeorge
Technical User
Just a hint, the account <> is the postmaster of your domain.
George
George
- Status
Similar threads