So I am also looking into DNS and my hoster tells me this... DNS is fine. Forward:
mail.aptn.ca. 7200 IN A 139.142.213.125 Reverse: 125.213.142.139.in-addr.arpa. 86400 IN PTR mail.aptn.ca. But the banner on the server is the .local name: Trying 139.142.213.125...Connected to mail.aptn.ca.Escape character is '^]'.220 aptnexch.aptn.local Microsoft ESMTP MAIL Service ready at Wed, 9 Apr 2014 07:13:45 -0500 How do I change my banner on my local server? On Tue, Apr 8, 2014 at 9:55 PM, Steve Ens <[email protected]> wrote: > I think Don has not been in this conversation yet, and i do use Vipre for > backscatter and spam protection. I don't think having 600 messages > undelivered in the queue is reasonable. We have been blacklisted a couple > of times and been delisted so far. I also have all traffic on port 25 > blocked out of the firewall except for the Exchange box. I'm looking at the > smtp logs and can;t seem anything off yet. > > > On Tue, Apr 8, 2014 at 7:07 PM, Richard Stovall <[email protected]> wrote: > >> I think this answer is correct in some circumstances, but not universally >> by any means. Don, do you have any backscatter protection enabled? This >> would eliminate these as NDRs resulting from spam from spoofed addresses >> you own. If you don't have backscatter protection, my guess is that spam >> which does spoof existing addresses would be far more problematic than that >> which does not. >> >> >> On Tue, Apr 8, 2014 at 7:13 PM, Mike Tavares <[email protected]>wrote: >> >>> the sender <> is normal exchange NDR's being delivered. Since your >>> exchange server is authoritative for you domain any messages addressed to >>> non existent email address will cause these, since a lot of spam has bogus >>> address you tend to see them sitting in your ques for a while. They will >>> eventually time out and go away on their own. >>> >>> Nothing to worry about. >>> >>> >>> *From:* Steve Ens <[email protected]> >>> *Sent:* Tuesday, April 08, 2014 4:30 PM >>> *To:* [email protected] >>> *Subject:* [Exchange] Relaying >>> >>> I'm running exchange 2010 here with all the service packs. I think >>> that I must have misconfigured one of my receive connectors. I know I am >>> not an open relay from the outside, but I think I have a machine inside my >>> network that is compromised and using exchange to send out since I have >>> many messages sitting in my queue that are undeliverable. Any suggestions >>> as to how I'd determine from which IP these messages are originating? The >>> sender always looks like <> I've opened up the message tracking logs, but >>> can't find any incriminating evidence there. >>> >> >> >
