How to properly set exchange 5.5 to prevent spam..

[lck092580]

Problem: not sure how to properly set exchange 5.5 to prevent spammers from using our servers to send their junk email. Our ecommerce software NEEDS "routing" to be turned on in order for it to be able to send mail our to our customers (it's an automatic process).

Thanks.

Terence

 

[trimelater]

You company got attack too huh? Follow these steps and you will stop those peeps from relaying off of you Exchange Server.

Click on Microsoft Exchange Administrator.

Click on Configuration.

Click on Connections

Click on Internet Mail Service (Domain Name)

Select the Routing tab

Click on Routing Restrictions...

In Hosts and clients with these IP addresses, type in your subnet such as 10.x.x.1 and your Mask.

This is where you can stop peeps outside from relaying from your server.

If you have any questions, let me know.

 

[lck092580]

Yeah.. that's exactly what i did last week and i put 10.0.0.12 (the ip of our commerce server) but now our commerce server's software can't send anything "thank you" email out to addresses other than our domain. Any ideas? Thanks.

T

 

[trimelater]

THis might sound too basic but did you tried to stop and restart the Services?

Is your commerce server the only one that you want to send off "Thankyou" email? Are you able to send regualar email to anyone?

Another think I can think of is in the Connections tab, Are you forwarding all messages to host or using DNS?
Since you wrote that you can't send email out to anyone. I would take a closer look in the Connecitons tab.

 

[lck092580]

Hehe.. i'd slap myself if i forgot to reset the services (I did restart it).

Yep.. the commerce server has a e-commerce software that needs to relay mail thru the mail server.

Yep.. i can send mail out with outlook 2k.

Our setup consists of 8 servers.. ecommerce server running IIS and some ecommerce software.. mail server running exchange 5.5.. proxy server running ISA..

Thanks.

T

 

[trimelater]

Well, since you only add one ip address to the routing restriction, did you make sure you added all the servers and clients that you want to relay off of your Exchange? Since you only have 10.0.0.12, I am assuming that all other client and servers are not able to relay off the Exchange Server.

If that does not solved your problem, I can't think of anything else that can help you.

I hope someone else can answer you question.

 

[lck092580]

Well.. the only server i want to give permission to relay is the commerce server with the ip 10.0.0.12. Adding another ip to exchange won't suddenly make all this work would it?

T

 

[trimelater]

Most likely not.

Alright, my last attempt to answer your question and if this does not work, call Microsoft and spend 200 an hour.

In the routing restriction table. Under "Hosts and clients connectiong to these internal addresses", add the 10.0.0.12 and remove the 10.0.0.12 from the "Hosts and clients with these IP addresses."

I was at a client and we had a problem of having HEAT software to relay email. I suggested him to add it in the "Hosts and clients connecting to these internal addresses" and seem to work fine.

Good Luck to you!!!!

 

[lck092580]

Nope.. tried that already.. thanks for trying tho.

T

 

[Jackcipk]

Hey, T ! Still have the problem ?

I assume you already set Routing with Restrictions as suggested. You may, however, add your internal IP subnet with mask (10.0.0.1 and 255.255.255.0, in my case) in Hosts and clients with these IP address, with Host and clients that successfully authenticate selected.

Having above accomplished, can you send e-mails from your web to persons out of your LAN? Also test to see if you still have Spam problem (test RCPT TO: badguy@relay2everywhere.com).

Let me know how it goes. It's not about whether you can do it or not, it's about HOW
OK, Let's Do It !!!
jliu@Cipk.com

 

[lck092580]

Hi Jack.. i dunno.. but whenever i see u reply i have this feeling that my problems would be resolved pretty soon. hehe.. anyho.. the first thing i want to ask is this:

(10.0.0.1 and 255.255.255.0, in my case) <-- The subnet mask seems incorrect.. isn't the the ip 10.0.0.1 a class A ip which means the subnet mask has to be 255.0.0.0? Isn't 255.255.255.0 a class C subnet mask?

Ur suggestion to check &quot;Host and clients that successfully authenticate&quot; was something i haven't tried. I have this hunch that it's going to work tho.. probably cuz it came from u haha... i'm going to try it first thing in the morning tomorrow.

I've finished up most of the &quot;to-do&quot; list i have to complete for our commerce site.. so this is going to be one of my top priorities..

Thanks Jack.. let me know wat happens.. (i still dunno wat happened to my post yesterday.. it just vanished).

= )

T

BTW: i like ur happy face.. gives me a lot of confidence in you (the pipe).

 

[Jackcipk]

Hey, T ! Thanks for your kind words!

Yeah, I was very surprised yesterday, when I found out your post was gone. I thought you were sooo super that you could delete the post here. It did take me a while, trying to figure out how you could do that, but no luck .

Well, I have to do a little homework on this subject too, and I will get back to you later. Take care !

It's not about whether you can do it or not, it's about HOW
OK, Let's Do It !!!
jliu@Cipk.com

 

[lck092580]

Heh.. i meant what i said.. (b4 anyone misunderstands me i gotta say that everyone here is helpful.. every since i've discovered this site i've been coming here everyday).

I'm very happy that u continue to follow up on my 'queries' regarding all the things i've dished out for the past week. There are others that tried too.. and i'm glad that there are ppl like the ones here that'll be willing to help out others. Let me say thanks to all of you(s).

Nah.. i didn't know why it got deleted.. maybe some files got corrupted over @ tek-tips' servers (need an admin tek-tip?.. hire me hahaha).

I'll let u know what happens tomorrow after i make the changes. Thanks.

Terence

 

[lck092580]

Jack!!!.. ur suggestion didn't work but I did end up getting it to work? You know how?.. I emailed the author of the article you posted and he ended up mailing me back. It turns out (u were rite) the subnet mask was incorrect.. he told me to put the subnet mask of 255.255.255.255 and it &quot;magically&quot; worked.. (looks like I need to do more hw on the art of subnet masking.. i'm totally confused now). Here's what he wrote in the email .. hope this could help others out there that are now/going to face the same problem I have.

----------------------------------------------------------
Hi Terence.

The usual problem is that people, quite naturally, enter the subnet mask for
the network that the relaying machine belongs to. In fact you have to enter
a subnet mask that specifically defines the IP address, or network address
that you enter. So, in your case, you would need to enter a subnet mask of
255.255.255.255 .

Try it and see if it behaves any differently.

Lee.
--------------------------------------------------------

Thanks for your help Jack.. really appreciate it. I'm sure u'll help out again (when i have another question).

= )

-Terence's Tip of the Day-
Do not.. I repeat do not get any part of a halibut that's near the stomach or head.. u'd be amazed @ how many worms I see on the weekend when my uncle fillets a halibut.. he has to cut off soo much of the meat cuz there's so many worms in it. <-- halibut resides @ the bottom of the ocean.. so it eats a lot of dirty stuff. = )

Happy computing..

P.S. If u're bored or anything here's a site that's very funny.

Terence

http://www.resumania.com

 

[Jackcipk]

Congratulations, T !
Jack It's not about whether you can do it or not, it's about HOW
OK, Let's Do It !!!
jliu@Cipk.com

 

[trimelater]

Doh! I should have thought of that. Congrat T!!!

Trimelater

 

[lck092580]

Dun worry trimelater.. u're not alone!!!.. I want to thank you for ur help toO!!!.. I'm happy that this issue was clarified and now we all know why we had to put that subnet mask in.

= )

T

 

[Jackcipk]

I am still using my 255.255.255.0 mask, since I have more than 1 e-mail server on my network. It's not about whether you can do it or not, it's about HOW
OK, Let's Do It !!!
jliu@Cipk.com