Configure SMTP relay restrictions in Exchange Server 2003 to stop spam

Find out how to configure SMTP relay restrictions in Exchange Server 2003 to stop your Exchange server from sending massive amounts of spam email.

Richard Luckett, Learn IT Solution Group LLC

Published: 12 Sep 2008

Exchange Server 2003 is sending out massive amounts of spam. Is there a way I can stop this from happening? I have already scanned all the PC and server equipment for viruses.

In Exchange System Manager (ESM), I see 4,567 queues followed by non-delivery reports (NDRs).

First, make sure that the default SMTP relay settings have been applied to your Exchange 2003 servers per Microsoft's article on how to configure SMTP relay restrictions. If your Exchange server is still sending spam, then you should disable all authentication methods except for "anonymous" on your Internet-facing SMTP host. By default, anonymous authentication, will allow messages to be sent, but not relayed.

If outbound spam remains a problem, then the spam is coming from one of your internal hosts. You may consider resetting all passwords in your Exchange organization to regain control over the SMTP relaying, or reset the Relay Restrictions tab to "Allow all computers which successfully authenticate to relay, regardless of the list above."

For more information, read Microsoft's article, Stop Exchange Server spam from the inside by locking down SMTP.

Do you have comments on this Ask the Expert Q&A? Let us know.

Ask an Exchange Server question in our forum.

Configure SMTP relay restrictions in Exchange Server 2003 to stop spam

Find out how to configure SMTP relay restrictions in Exchange Server 2003 to stop your Exchange server from sending massive amounts of spam email.

Dig Deeper on Exchange Server setup and troubleshooting

What are the most important email security protocols?

Securing Exchange Server communications via SMTP and IMAP

Part 2: How to perform a Telnet SMTP session for Exchange Server 2003

Top five network security concerns

Related Q&A from Richard Luckett

Why is there an Outlook folder missing from Outlook Web App?

Why won't the Exchange 2013 Edge Transport Server install?

How do I configure Outlook Anywhere for specific external use?

SearchServerVirtualization

2021 virtualization trends focus on HCI, Kubernetes

6 virtual server management best practices

Nvidia launches integrated AI platform for VMware vSphere 7

SearchCloudComputing

Choose the right serverless container service

IBM boosts vertical cloud push with financial services cloud

Open source cloud platforms and tools to consider

SearchSQLServer

SQL Server database design best practices and tips for DBAs

SQL Server in Azure database choices and what they offer users

Using a LEFT OUTER JOIN vs. RIGHT OUTER JOIN in SQL

SearchEnterpriseDesktop

Incorporating zero trust into endpoint security

Keeping tabs on employees in the hybrid workplace

Top 6 endpoint security software options in 2021

SearchVirtualDesktop

Why and when to use Windows Virtual Desktop

Compare Citrix Virtual Apps and Desktops vs. WVD

4 Windows Virtual Desktop management limitations