How to stop Relay on Exchange 2000

Amye63

MIS
Jun 4, 2003
18
US
We have done everything Microsoft says to do to stop relay and we are still being used as a relay. We have followed the following steps as well:

To close your open relay on Exchange 2000, do the following.

In System Manager: Expand Servers, Expand , Expand Protocols, Expand SMTP, then right-click “Default SMTP Virtual Server” and select Properties.

On the Access Tab

1) Click Authentication, Ensure that all three options are checked. (Do NOT disable Anonymous as you will not be able to receive inbound mail) – Apply, OK

2) Click Connection, Click the “All except the list below” radio button and leave the list blank. – Apply, OK

3) Click Relay, click the “Only the list below” radio button and leave the list blank. Check "Allow all computers which successfully authenticate to relay, regardless of the list above" – Apply, OK

Next in System Manager

Expand Connectors. If you have the often found “Outbound” connector, delete it. You can leave any custom built connectors, but you don’t need any.

Next in System Manager

1) Click Recipients

2) In the right window pane, right-click “Default Policy”, then Properties

3) On the E-Mail Addresses (Policy) Tab, make sure that all domains you are handling mail for are listed with an SMTP entry; if not, add those needed. – Apply, OK

Next open Services (Start, Settings, Control Panel, Administrative Tools, Services)

1) Stop “Microsoft Exchange Routing Engine”

2) Stop “Simple Mail Transport Protocol”

3) Start “Microsoft Exchange Routing Engine”

4) Start “Simple Mail Transport Protocol”

Following these steps will close your open relay and allow you to receive all inbound mail.

When you have external clients they will have to set their mail programs to authenticate when sending mail.

None of this seems to stop it.
 
How do you know you're being used as an Open Relay? Your server may be accepting the connection, but rejecting the relay.
 
I have been gone for an hour and there are 20 different outbound queues, all of which are unknown to us. Fortunately, we only have three people in our company, so I pretty much know what emails we are sending.
 
Were those queues there an hour ago? If they're still hanging around since before you closed the relay, you can either delete them yourself or wait for them to terminate. If you're not sure, delete them yourself and keep an eye on it. Just because they're there doesn't mean you're still relaying.
 
Once I closed the relay, I deleted all of the existing messages, stopped the SMTP service, and new ones are still popping up about every three or four minutes.
 
Are the messages in those queues actually leaving your server? Or are the messages backing up in the queues?
 
Some of them are leaving and some of them are not. I assume those that are not are undeliverable.
 
Does anyone have a useful link on how to stop my server being used as a relay?

Thanks

Paul
 
We have tried all of those settings, but no luck. We are still being used as a relay.
 
I can't see how you are still an open relay now... Did you do the telnet check from the link from MichaelDay's post? Did it allow traffic on port 25 to relay then?

If the relay restrictions area in properties of the SMTP virtual server in Exchange Manager are set as "only the list below" and the list is blank, I'm puzzled.

Let us know what the situation is now.

cheers
Roddy



Life's too short
 
It did pass the test you sent, but there were 23 outgoing queues this morning, some messages had not sent, and some had.
 
If you are not an open relay, but are still relaying, maybe someone has access to the authentication list?
 
Yep, really the only avenue left to check into. Have everyone change their passwords, change the passwords of any other user/group on the list, flush the queues and watch 'em again.

You could also start logging the SMTP to see who is doing what and how.
 
The fact that you see outbound queues does NOT mean that you are open for relaying. If you enumerate the messages in the queues, you will likely see that they are NDRs going back to spammers to tell them they cannot relay through your server. Frequently the reply domains are bogus, so the queue will sit there for up to 48 hours, and then the NDR message is sent to the EXCHSRVR\MAILROOT\VSI 1\badmail folder and the queue is dropped within a few minutes.

Try this on your Exchange server:

open a command prompt

telnet localhost 25
ehlo
mail from:bogususer@hotmail.com
rcpt to:bogususer@yahoo.com

If after the rcpt to: command it says 5.7.1 Relaying Prohibited, you are definitely not open for relay.

Georgesz
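
The telnet check from the post above as a repeatable script, for a mail server you administer. This is an added example, not part of the original thread; the function names and the `helo_name` value are assumptions, and the two addresses are the ones used in the post. It stops after RCPT TO and never sends DATA, so nothing is queued.

```python
import smtplib

def classify_rcpt(code, text):
    """Map the server's reply to RCPT TO onto a relay verdict."""
    if 200 <= code < 300:
        return "accepted"        # server agreed to take mail for a foreign domain
    if 500 <= code < 600 and "5.7.1" in text:
        return "relay-denied"    # the 5.7.1 refusal the post says to look for
    if 500 <= code < 600:
        return "rejected"        # permanent refusal for some other reason
    return "inconclusive"        # 4xx or unexpected reply: test again later

def check_relay(host, port=25, sender="bogususer@hotmail.com",
                recipient="bogususer@yahoo.com",
                helo_name="relaycheck.invalid", timeout=10):
    """Anonymous EHLO / MAIL FROM / RCPT TO, then RSET and QUIT."""
    with smtplib.SMTP(host, port, local_hostname=helo_name,
                      timeout=timeout) as smtp:
        smtp.ehlo()
        code, msg = smtp.mail(sender)
        if code != 250:
            return "inconclusive", code, msg.decode(errors="replace")
        code, msg = smtp.rcpt(recipient)
        text = msg.decode(errors="replace")
        smtp.rset()              # abandon the transaction before QUIT
        return classify_rcpt(code, text), code, text

if __name__ == "__main__":
    import sys
    # Default target matches the post: run it on the Exchange server itself.
    target = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    print(check_relay(target))
```

An "accepted" verdict from an unauthenticated session means anonymous relay is still open; "relay-denied" alongside growing queues points back to the NDR or compromised-account explanations given in the thread.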
 