Configure SMTP relay restrictions in Exchange Server 2003 to stop spam
Find out how to configure SMTP relay restrictions in Exchange Server 2003 to stop your Exchange server from sending massive amounts of spam email.
In Exchange System Manager (ESM), I see 4,567 queues followed by non-delivery reports (NDRs).
First, make sure that the default SMTP relay settings have been applied to your Exchange 2003 servers per Microsoft's article on how to configure SMTP relay restrictions. If your Exchange server is still sending spam, then you should disable all authentication methods except for "anonymous" on your Internet-facing SMTP host. By default, anonymous authentication, will allow messages to be sent, but not relayed.
If outbound spam remains a problem, then the spam is coming from one of your internal hosts. You may consider resetting all passwords in your Exchange organization to regain control over the SMTP relaying, or reset the Relay Restrictions tab to "Allow all computers which successfully authenticate to relay, regardless of the list above."
For more information, read Microsoft's article, Stop Exchange Server spam from the inside by locking down SMTP.
Do you have comments on this Ask the Expert Q&A? Let us know.
Ask an Exchange Server question in our forum.
