On your outgoing mail connector on the general tab. 'specify the fqdn this connector will provide in response to.....'
From: [email protected] [mailto:[email protected]] On Behalf Of Steve Ens Sent: Wednesday, April 9, 2014 10:33 AM To: [email protected] Subject: Re: [Exchange] Relaying So I am also looking into DNS and my hoster tells me this... DNS is fine. Forward: mail.aptn.ca<http://mail.aptn.ca>. 7200 IN A 139.142.213.125 Reverse: 125.213.142.139.in-addr.arpa. 86400 IN PTR mail.aptn.ca<http://mail.aptn.ca>. But the banner on the server is the .local name: Trying 139.142.213.125...Connected to mail.aptn.ca.Escape character is '^]'.220 aptnexch.aptn.local Microsoft ESMTP MAIL Service ready at Wed, 9 Apr 2014 07:13:45 -0500 How do I change my banner on my local server? On Tue, Apr 8, 2014 at 9:55 PM, Steve Ens <[email protected]<mailto:[email protected]>> wrote: I think Don has not been in this conversation yet, and i do use Vipre for backscatter and spam protection. I don't think having 600 messages undelivered in the queue is reasonable. We have been blacklisted a couple of times and been delisted so far. I also have all traffic on port 25 blocked out of the firewall except for the Exchange box. I'm looking at the smtp logs and can;t seem anything off yet. On Tue, Apr 8, 2014 at 7:07 PM, Richard Stovall <[email protected]<mailto:[email protected]>> wrote: I think this answer is correct in some circumstances, but not universally by any means. Don, do you have any backscatter protection enabled? This would eliminate these as NDRs resulting from spam from spoofed addresses you own. If you don't have backscatter protection, my guess is that spam which does spoof existing addresses would be far more problematic than that which does not. On Tue, Apr 8, 2014 at 7:13 PM, Mike Tavares <[email protected]<mailto:[email protected]>> wrote: the sender <> is normal exchange NDR's being delivered. Since your exchange server is authoritative for you domain any messages addressed to non existent email address will cause these, since a lot of spam has bogus address you tend to see them sitting in your ques for a while. They will eventually time out and go away on their own. Nothing to worry about. From: Steve Ens<mailto:[email protected]> Sent: Tuesday, April 08, 2014 4:30 PM To: [email protected]<mailto:[email protected]> Subject: [Exchange] Relaying I'm running exchange 2010 here with all the service packs. I think that I must have misconfigured one of my receive connectors. I know I am not an open relay from the outside, but I think I have a machine inside my network that is compromised and using exchange to send out since I have many messages sitting in my queue that are undeliverable. Any suggestions as to how I'd determine from which IP these messages are originating? The sender always looks like <> I've opened up the message tracking logs, but can't find any incriminating evidence there.
