No announcement yet.

Open Relay and Exchange

  • Filter
  • Time
  • Show
Clear All
new posts

  • Open Relay and Exchange

    Hi all,

    I have a slight problem. My Exchange 2k3 server desided to corrupt my mail store. This was't that big of a deal i had backups and I wanted to decommision that server anyway, so i just built another one and restored the backup to the new Exchange server. Problem is I messed up and left it as an open relay. In 4 days we started noticing that internet access was getting really slow and mail was moving at a snails pace. By the time i figured out what I did wrong I had 3200 smtp queues with most of them comming from Taiwan. Anyway I stopped the SMTP virtual server and manually deleted all the e-mails. I configured the SMTP virtual server Relay restrictions to only accept relays from our subnets and domains.

    But I still have 1032 queues in exchange server. I am sure we never had this many before. There are a few queues that have .ru and .de addresses and I know we don't send stuff to Russia.

    Our Environment: W2k3 servers, Exchange 2k3, mostly Outlook Express clients and some Outlook 2000/2003. We only have 160 mailboxes.

    So now I got flagged as a spammer inquite a few places and some of our e-mails are not going thru.

    So question 1. Did I configure the SMTP Virtual Server correctly?

    2. What can I do about being flagged as a spammer?

    Any help will be greatly appreciated.

  • #2
    Re: Open Relay and Exchange

    Unless you have SMTP processes internally you do not need to have anything listed to relay through your server. Setting a subnet to relay is very dangerous and is open to abuse.
    Exchange and Outlook do not need relay settings to be configured in that way to work correctly.

    If you do have internal SMTP requirements (monitoring emails for example) then configure a second SMTP virtual server that is not exposed to the internet and point everything internally at that. The internet facing SMTP virtual server should then be secured to require authenticated relaying at most, and preferably no relaying at all.

    To cleanup the server you may want to look at my clean up guide:

    Simon Butler
    Exchange MVP

    More Exchange Content:
    Exchange Resources List:
    In the UK? Hire me:

    Sembee is a registered trademark, used here with permission.