Have you made sure to secure this IIS SMTP box against relay? Ed Crowley MCSE+Internet MVP Tech Consultant Compaq Computer Corporation (soon to be HP) All your base are belong to us.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jesse Rink Sent: Tuesday, November 20, 2001 12:23 PM To: Exchange Discussions Subject: IIS SMTP relay for Exchange - Is my relay being used by others? Okay. Here's the low-down. I have an Exchange 5.5 server on the inside interface of our firewall and and IIS SMTP relay server on the DMZ interface of our firewall. This has been running for several months without any problems. Yesterday I reviewed the daily network bandwidth chart for our T1 line out the to internet and found the inbound traffic was WAY higher (my eyes almost popped out of my sockets) than usual. This was highly noticeable in that the inbound traffic continued into the late hours of the night. Normally, after 5pm, network inbound/outbound traffic is dead. I tried figuring out what all of a sudden is causing this increased traffic and am beginning to suspect the IIS SMTP relay box. Performance analysis on the box shows that the CPU utilization is much higher than usual (mainly from inetinfo.exe). After further investigating, I noticed that the c:\inetpub\mailroot\queue directory is suddenly full (1500 messages) of .rtr and .eml files (can someone explain the difference between these?). Not only are there 1500+ .rtr and .eml files in the queue, but the messages themselves are not originating from or destined to whitnall.com (my domain). I'm assuming someone (most of the messages are from hotmail.com accounts and contain PORN links) is using our smtp relay... Can someone please help me address this problem? Not sure how to proceed. Thanks reply here or via email [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
