Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Apparently we're SPAMming...

Status
Not open for further replies.

JPJeffery

Technical User
May 26, 2006
600
GB
Before my question, a rant (not aimed at this forum, I know it isn't your fault!)

[rant]I find this whole issue about getting blacklisted really frustrating.

The aspect of this that I mind is that it seems to be impossible to get an exact cause of our server/IP being added to the blacklist. i.e. there must have been a trigger event (an email with a malformed HELO, a test to check if our server is an open relay and so on) to get us added to each list but can we get that information off them? Can we heck!

So, we spend hours investigating and researching and discussing when we could resolve the issue MUCH quicker if we knew exactly what to look for (which might be interesting and useful but still time spent somewhat unnecessarily).[/rant]

OK, the question. On Friday we edited the properties of the Virtual SMTP server (Access tab, then Connection Control). Before we started it was set to 'All except the list below' and the list was blank, so the ACL was open to all IP addresses. We changed it to 'Only the list below' and added in the IP addresses of our Message Labs servers.

We then sent an SMTP email to my home address which got through. So, we thought everything was hunky dory, until we'd gone home and our systems team called us to say their automated emails weren't going out.

When I was reading the Help files they didn't say this setting was only for inbound connections but my team leader swore blind it was, so we didn't add in our internal address ranges and the test we sent seemed to support his theory.

What's the truth?

JJ
[small][purple]Variables won't. Constants aren't[/purple][/small]
 
The SMTP virtual server is for emails to go OUT through there so you'd put in the IP addresses of your internal servers that need to send emails out - i.e. the automated ones.

Sending an email to home means that the Exchange server is working well.

On the blacklist front, it is usually spamhaus that blacklist you and if you email them they will clip the log and send it to you. That is almost always enough to work out what you did.
 
Our IP got blacklisted even though it was static. Some blacklists were blocking a whole subnets from my ISP.

I got the ISP to add reverse DNS for our IP , input SPF record, insured no relay, sent removal requests to the few blacklisting sites we were on. Problem solved.
 
Hi,

DEFAULT SMTP VIRTUAL SERVER
ACCESS TAB
CONNECTION PROPERTIES > should be set to all except the list below. This would normally be an empty list.

DEFAULT SMTP VIRTUAL SERVER
ACCESS TAB
RELAY > should be set to only the list below. In here you would add the internal IP Addresses of hosts or network ranges that you would like to be able to relay i.e. send emails like alerts externally without authentication.

On the delivery tab > advanced is where you would add your messagelabs servers in the smart host field for external mail delivery. However I would normally setup an SMTP connector under the routing group in Exch SM.

If you would only like to accept incomming connections from Messagelabs (as your mail is routed through there) I would normally control this connection at the firewall level. But you can do it as you did via the connection control method.

Hope this is of help. If not more details on your exch environment would be helpful.

Basically tho u need to add the servers to the relay tab on the smtp virtual server on the exchange server that the alerts are going to.

Cheers,

Steve
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top