General discussion

Locked

Stop Exchange 5.5 from accepting msgs

By Colin Alfke ·
I am running Exchange 5.5 sp3 on NT 4.0 sp 4. The server has been added to the mail-abuse.org RSS list. I have closed the open relay but it will still accept any e-mail with the valid domain - whether or not it exists in the address list. I have followed the instructions in the MS article "Is your exchange server relay-secure" and set reroute incoming SMTP mail and set the routing restrictions to Hosts and clients with these IP address - which is left blank. The server still accepts e-mail addressed to users who are not in the address list ie. invalidemail@mydomain.com.

This conversation is currently closed to new comments.

11 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Stop Exchange 5.5 from accepting msgs

by DoubleDown In reply to Stop Exchange 5.5 from ac ...

what happens if you choose do not re-route incoming smtp mail?

Collapse -

Stop Exchange 5.5 from accepting msgs

by Colin Alfke In reply to Stop Exchange 5.5 from ac ...

Then even messages to valid addresses are not accepted.

Collapse -

Stop Exchange 5.5 from accepting msgs

by Stillatit In reply to Stop Exchange 5.5 from ac ...

This is probably the correct behavior. The point of securing the server is to prevent some user@domainA from sending SMTP mail to your server server.mydomain.com addressed to otheruser@domainB and having your server forword the message to domainB. This "open relay" behavior allows spammers to use your server to send their mail, and allows them to avoid having to use their own server, which may make them more traceable. You probably WANT your server to accept (not relay) all mail to your domain, and have invalid addresses go to postmaster@mydomain.com.

Just a note -- remember that changes to most parameters in Exchange do not take effect unless you stop and restart the service involved.

Good luck.

Collapse -

Stop Exchange 5.5 from accepting msgs

by Colin Alfke In reply to Stop Exchange 5.5 from ac ...

Your're partially right, this was done to prevent your scenario; however, the article quoted indicates that these settings will stop both the open-relay and "Reverse UCE" issues. But it does not stop the "Reverse UCE" issue. I don't want the system to accept all mail to my domain as that leaves it open to mail flood amd UCE attacks. (Also mail-abuse.org will not remove it from it's list until I do).

I have stopped and restarted the IMS service (a number of times and rebooted a couple).

Thanks anyway

Collapse -

Stop Exchange 5.5 from accepting msgs

by DoubleDown In reply to Stop Exchange 5.5 from ac ...

Funny, I've got my routing option set to "Do not re-route incoming SMTP mail" and I'm able to send and receive mail just fine.

Collapse -

Stop Exchange 5.5 from accepting msgs

by Colin Alfke In reply to Stop Exchange 5.5 from ac ...

Perhaps it is a different setting or
service that is routing your mail.
Although I only tested mine by telneting
into port 25 on the mail server - it did
not accept a RCPT TO: address that was
in the address list and since I don't
know enough about the mail server I
didn't want to leave it like that.
Besides, the MS article indicated that
it was not an optimal solution.

Collapse -

Stop Exchange 5.5 from accepting msgs

by John Beno In reply to Stop Exchange 5.5 from ac ...

Colin,

I have suffered miserably with the same problem until I realized that it was not Exchange that had the problem. The question really should be 'Is your Exchange Server behind a firewall or proxy server?' The reason I ask is this. When a firewall or proxy server works between the Exchange Server and the Internet, the Exchange Server sees the sending system not as the domain of the sender but as the IP of the sending system which is the trusted inside address of the firewall. I have been working hard on trying to resolve the same problem. The answer lies in configuring the firewall to only accept mail addressed to your domain. Once that is done, then you still have to filter out the ones that are correctly addressed to your domain. All this does is prevent relaying, not spamming. Hope this helps.

Collapse -

Stop Exchange 5.5 from accepting msgs

by Colin Alfke In reply to Stop Exchange 5.5 from ac ...

No, there is not a firewall or a proxy server between the exchange server and the internet. This looks like something that could trip up a lot of people though. You're partially right - the question I am asking is how to get my exchange server to only accept mail addressed to my domain. It accepts anything and then sends back an NDR.

Thanks anyway
Colin

Collapse -

Stop Exchange 5.5 from accepting msgs

by cscript In reply to Stop Exchange 5.5 from ac ...

Colin,
Are you talking about all the <> in your queues from the domains that you thought you had blocked?
If this is the case (I am not sure what you mean by receiving mail to an invalid recipient, where is it being delivered?) Then the exchangeserver is working properly. The <> originator is you mail system sending an NDR to the sender saying "Nope, no thanks" The problem here is that if the spammer spoofed his address, these messages will be undeliverable and will sit in your queues until they time out. This is bad, because each one takes up a connection which, if you get enough of them, will cause your box to fall over. This is exactly why I use a gateway between my IMS's and the internet. Filter out all the garbage before it gets to the IMS's.

Regards,
Good Luck

Collapse -

Stop Exchange 5.5 from accepting msgs

by Colin Alfke In reply to Stop Exchange 5.5 from ac ...

No, I wasn't meaning the <> in the queues from my server's trying to send mail to a spoofed address. What I was trying to do was after accepting the recipient's address is to validate it against the GAL before it accepts the message header and body. I tried the instructions in the MS article I referenced - but they did not appear to work as indicated.

Perhaps Exchange won't do this and I will have to install a gateway.

Thanks
Colin

Back to Software Forum
11 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums