Configure SMTP relay restrictions in Exchange Server 2003 to stop spam

Find out how to configure SMTP relay restrictions in Exchange Server 2003 to stop your Exchange server from sending massive amounts of spam email.

Richard Luckett, Learn IT Solution Group LLC

Published: 12 Sep 2008

Exchange Server 2003 is sending out massive amounts of spam. Is there a way I can stop this from happening? I have already scanned all the PC and server equipment for viruses.

In Exchange System Manager (ESM), I see 4,567 queues followed by non-delivery reports (NDRs).

First, make sure that the default SMTP relay settings have been applied to your Exchange 2003 servers per Microsoft's article on how to configure SMTP relay restrictions. If your Exchange server is still sending spam, then you should disable all authentication methods except for "anonymous" on your Internet-facing SMTP host. By default, anonymous authentication, will allow messages to be sent, but not relayed.

If outbound spam remains a problem, then the spam is coming from one of your internal hosts. You may consider resetting all passwords in your Exchange organization to regain control over the SMTP relaying, or reset the Relay Restrictions tab to "Allow all computers which successfully authenticate to relay, regardless of the list above."

For more information, read Microsoft's article, Stop Exchange Server spam from the inside by locking down SMTP.

Do you have comments on this Ask the Expert Q&A? Let us know.

Ask an Exchange Server question in our forum.

Configure SMTP relay restrictions in Exchange Server 2003 to stop spam

Find out how to configure SMTP relay restrictions in Exchange Server 2003 to stop your Exchange server from sending massive amounts of spam email.

Dig Deeper on Exchange Server setup and troubleshooting

What are the most important email security protocols?

Securing Exchange Server communications via SMTP and IMAP

Part 2: How to perform a Telnet SMTP session for Exchange Server 2003

Top five network security concerns

Related Q&A from Richard Luckett

Why is there an Outlook folder missing from Outlook Web App?

Why won't the Exchange 2013 Edge Transport Server install?

How do I configure Outlook Anywhere for specific external use?

SearchServerVirtualization

What's the difference between Type 1 vs. Type 2 hypervisor?

OpenShift Virtualization 2.5 simplifies VM modernization

Get to know Oracle VM VirtualBox 6.1 and learn to install it

SearchCloudComputing

IBM acquisition spree targets hybrid cloud consulting market

How to choose between IaaS and SaaS cloud models

COVID-19 and remote work shift cloud predictions for 2021

SearchSQLServer

SQL Server database design best practices and tips for DBAs

SQL Server in Azure database choices and what they offer users

Using a LEFT OUTER JOIN vs. RIGHT OUTER JOIN in SQL

SearchEnterpriseDesktop

Otter.ai helps Google Meet stay competitive

Will Windows 10 be the last Windows OS?

CES: Laptops sport designs friendly for remote workers

SearchVirtualDesktop

Citrix to acquire Wrike for $2.25 billion

How to troubleshoot an RDP remote session stuck at configuring

Why COVID-19 fuels desktop virtualization trends