Exchange 2003 SP1 unwanted SMTP sessions (aka spammers?)

0 pts.
Tags:
Exchange security
We have Exchange 2003 upon a SBS 2003 server. SBS 2003 server has SP1 patch Exchange 2003 has SP1 patch. In the Exchange 2003 queue, we have unwanted SMTP sessions, as many as ~20 or so, some of these obviously, are spammers, by their domain names (0733.com, 1-800eatshit.com, etc.). I know these are spammers, and they have probed our Exchange 2003 server to exploit. Question: How do you prevent these SMTP sessions from comming into the Exchange 2003 server? I have been "freezing" the smtp session, then deleting the messages in the session. Would an appliance gateway or an email appliance help in this? Are there any books or other papers on preventing this unwanted SMTP spammer sessions? Thank you for your time. Ken
ASKED: September 18, 2006  7:28 AM
UPDATED: September 18, 2006  2:35 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

We were having the same problem on our Exchange 2003 SP2 server. I noticed that the amount of queues on the server dropped dramatically when we installed GFI Mail Security and GFI Mail Essentials.

http://www.gfi.com/

JC
They have a 30 day free trial. Let me know if this helps.

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Kensedlacek
    I forgot to mention that we have installed Symantec Antivirus 10.1 on the SBS 2003 server and Symantec Exchange Mail Security 5.01 (or 5.1). Ken
    0 pointsBadges:
    report
  • PDMeat
    Those are non delivery reports (NDR) trying to send messages to spammer domains that don't actually exist. Spammers send email to eral basic names such as "john@yourdomain.com" trying to guess valid emails to spam to and your exchange server is trying to send the NDR as that account doesn't exist. You can ignore these as they will keep retrying for 24 hours or more. The only way to prevent this is to put some form if mail security on the server to prevent connections from spammer servers or put another mail gateway in front of your exchange server that does the same function.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following