Open Relay challenge......help.....never seen this before.

Status
Not open for further replies.

Garob

Technical User
Jul 23, 2003
I've got a site with a Windows 2003 server (Stnd edition) all patched up to date running Exchange SP3 + post sp3 patches. Clean install last Friday.

I'm running the SMTP virtual server with the server's LAN IP in the "allowed to relay" box and I've unticked the "allow to relay if authenticated" tick box.

I've made sure the guest account is disabled and have forced all users to change their passwords.

The machine is relentlessly relaying. I've even remade the virtual server (it's not set to relay).

I'm logging the SMTP queue and as you can see some emails bounce as 550 user not known but some complete. Anyone seen this before?

Any help would be greatly appreciated...



08:42:54 64.156.215.5 - - 0
08:43:03 194.72.6.62 xxxx - 500
08:43:03 194.72.6.62 HELO - 250
08:43:03 194.72.6.62 MAIL - 250
08:43:03 194.72.6.62 RCPT - 250
08:43:03 194.72.6.62 DATA - 250
08:43:03 194.72.6.62 QUIT - 240
08:43:03 69.42.70.200 - - 0
08:43:03 69.42.70.200 EHLO - 0
08:43:04 69.42.70.200 - - 0
08:43:04 69.42.70.200 HELO - 0
08:43:04 69.42.70.200 - - 0
08:43:04 69.42.70.200 MAIL - 0
08:43:04 69.42.70.200 - - 0
08:43:04 69.42.70.200 RCPT - 0
08:43:04 69.42.70.200 - - 0
08:43:04 69.42.70.200 DATA - 0
08:43:04 69.42.70.200 - - 0
08:43:04 69.42.70.200 - - 0
08:43:04 69.42.70.200 QUIT - 0
08:45:54 219.91.69.103 xxxx - 500
08:45:54 219.91.69.103 HELO - 250
08:45:55 219.91.69.103 MAIL - 250
08:45:55 219.91.69.103 RCPT - 550
08:45:57 219.91.69.103 QUIT - 240
08:48:26 219.91.122.171 xxxx - 500
08:48:26 219.91.122.171 HELO - 250
08:48:27 219.91.122.171 MAIL - 250
08:48:27 219.91.122.171 RCPT - 550
08:48:27 219.91.122.171 QUIT - 240
08:48:55 219.91.67.14 xxxx - 500
08:48:55 219.91.67.14 HELO - 250
08:48:56 219.91.67.14 MAIL - 250
08:48:56 219.91.67.14 RCPT - 550
08:48:56 219.91.67.14 QUIT - 240
08:50:29 194.25.134.20 xxxx - 500
08:50:29 194.25.134.20 HELO - 250
08:50:29 194.25.134.20 MAIL - 250
08:50:29 194.25.134.20 RCPT - 250
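
One way to triage a log in this layout, added here as an example and not part of the original post: it tallies per client IP whether RCPT was accepted (2xx) or refused (5xx) and whether DATA went through. The sample lines are constructed with documentation addresses and the function names are hypothetical; the log carries no recipient domain, so an accepted RCPT from an outside client may be ordinary inbound mail or a relay and has to be checked against the queue.

```python
import re
from collections import defaultdict

# Constructed sample (RFC 5737 documentation addresses) in the layout of the
# log posted above: time, client IP, SMTP verb, "-", reply status.
SAMPLE_LOG = """\
08:42:54 192.0.2.99 - - 0
08:43:03 192.0.2.10 HELO - 250
08:43:03 192.0.2.10 MAIL - 250
08:43:03 192.0.2.10 RCPT - 250
08:43:03 192.0.2.10 DATA - 250
08:45:55 198.51.100.7 MAIL - 250
08:45:55 198.51.100.7 RCPT - 550
08:45:57 198.51.100.7 QUIT - 240
08:50:29 203.0.113.5 MAIL - 250
08:50:29 203.0.113.5 RCPT - 250
"""

LINE = re.compile(r"^(\d\d:\d\d:\d\d)\s+(\S+)\s+(\S+)\s+\S+\s+(\d+)$")

def tally(log_text):
    """Count accepted/rejected RCPT and accepted DATA per client IP."""
    counts = defaultdict(lambda: {"rcpt_ok": 0, "rcpt_rejected": 0, "data_ok": 0})
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank or malformed line
        _time, ip, verb, status = m.groups()
        code = int(status)
        if verb == "RCPT" and 200 <= code < 300:
            counts[ip]["rcpt_ok"] += 1
        elif verb == "RCPT" and code >= 500:
            counts[ip]["rcpt_rejected"] += 1
        elif verb == "DATA" and 200 <= code < 400:
            counts[ip]["data_ok"] += 1
    return dict(counts)

def classify(log_text, trusted=()):
    """Label each client outside `trusted` by how far its mail got."""
    labels = {}
    for ip, c in tally(log_text).items():
        if ip in trusted:
            continue  # e.g. the LAN addresses that are allowed to relay
        if c["rcpt_ok"]:
            labels[ip] = "message accepted" if c["data_ok"] else "recipient accepted"
        else:
            labels[ip] = "rejected"
    return labels
```

Sessions are grouped by client IP because the log has no session identifier, so repeated connections from one address are counted together.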
 
Limit relaying to LAN IP as well ..

See also the FAQ link above, the Security part.

Marc
If 'something' 'somewhere' gives 'some' error, expect random guesses or no replies at all. Please specify details.
Free Tip: The F1 Key does NOT destroy your PC!
How Do I Get Great Answers To my Tek-Tips Questions? See faq219-2884
 
marcs41

Thanks for the reply. I changed the relay only setting to the domain name and this seems to have cured the situation.

When you telnet in and do the following :-


HELO me

MAIL FROM: someaddress@somedomain.com

RCPT TO: nobody@afakedomain.com

QUIT

I now get the required 550 response and the ORDB.org test has been passed OK.

Sometimes you see the answer in front of you and don't cop onto it.....


 