Exchange 2003 SP1 unwanted SMTP sessions (aka spammers?)
We have Exchange 2003 upon a SBS 2003 server.
SBS 2003 server has SP1 patch
Exchange 2003 has SP1 patch.
In the Exchange 2003 queue, we have unwanted SMTP sessions, as many as ~20 or so, some of these obviously, are spammers, by their domain names (0733.com, 1-800eatshit.com, etc.). I know these are spammers, and they have probed our Exchange 2003 server to exploit.
Question:
How do you prevent these SMTP sessions from comming into the Exchange 2003 server?
I have been "freezing" the smtp session, then deleting the messages in the session.
Would an appliance gateway or an email appliance help in this?
Are there any books or other papers on preventing this unwanted SMTP spammer sessions?
Thank you for your time.
Ken
Software/Hardware used:
Software/Hardware used:
ASKED:
September 18, 2006 7:28 AM
UPDATED:
September 18, 2006 2:35 PM
Answer Wiki:
We were having the same problem on our Exchange 2003 SP2 server. I noticed that the amount of queues on the server dropped dramatically when we installed GFI Mail Security and GFI Mail Essentials.
http://www.gfi.com/
JC
They have a 30 day free trial. Let me know if this helps.
To see all answers submitted to the Answer Wiki: View Answer History.
I forgot to mention that we have installed Symantec Antivirus 10.1 on the SBS 2003 server and Symantec Exchange Mail Security 5.01 (or 5.1).
Ken
Those are non delivery reports (NDR) trying to send messages to spammer domains that don’t actually exist. Spammers send email to eral basic names such as “john@yourdomain.com” trying to guess valid emails to spam to and your exchange server is trying to send the NDR as that account doesn’t exist.
You can ignore these as they will keep retrying for 24 hours or more. The only way to prevent this is to put some form if mail security on the server to prevent connections from spammer servers or put another mail gateway in front of your exchange server that does the same function.