Saturday, February 20, 2010 4:24 AMI have a exchange 2010 server setup. My receive connector has anonymous users
Can someone explain what is going on? . From what i think someone is relaying using my server(as there are tons of emails in the queue). When i disable the anonymous users the emails stop. But then i cant send emails from my outlook, they just sit in the queue.
Saturday, February 20, 2010 1:25 PM
Is this server receiving email directly from the internet? If so, make sure your "Accepted Domains" are correctly populated.
By default, disabling "anonymous users" on your HUB, shouldn't prevent internal users from sending emails as they do not connect to the HUB servers.
Give me a better overview of your topology.
Casper Pieterse, Principle Consultant - UC, Dimension Data South Africa, Microsoft Certified Master: Exchange 2007
Sunday, February 21, 2010 9:01 AMHi Macky .
Leme Explain to you What I understand.
1)My receive connector has anonymous users . (This allows your exchange to simply accept emails from Internat from all users as you dont know that who wil be Sending you emails )
A Receive connector that's configured to accept e-mail from all domains is created automatically when the Edge Transport server role is installed.2)From what i think someone is relaying using my server(as there are tons of emails in the queue).
"So you can Now Understand that It is not depending on this tht some one is Relaying emails through your Server"
Now Let us first Understand that how can someone use our server to Relay Email.
Eg i have an Edge transport Server Deployed.Now eg I am in another company and i want to use your Edge transport Server to relay your Email than I would configure your Edge transport Server As a Smart host. and on your Edge transport Server You would Configure a Conector to accept my Emails.
Now I would Only do the Above when I dont have my Edge Server Published Else it would be Stupidity on my behalf ..... So i assume if he is using to send emails tahn also he would be using your Edge to Receive emails.
So Check the Accepted Domain (These are those Domains for which your Edge Receive Emails.)
3)When i disable the anonymous users the emails stop
Are you doing this on the Hub Receive Connectors ?
I would Appreciate if Casper can also give his Feedback in this.
Fazal M Khan
Monday, February 22, 2010 9:18 PMOk so on my hub transport receive connector when i have anonymous checked i see alot of spam going out in the queue. When i disable it i am able to send but not receive.
I have multiple accepted domains all authoritative.
This is a link to an on going conversation about the situation.
Tuesday, February 23, 2010 5:45 AMThank you for Your Reply here macky.
About your Hub Transport Receive connector you have anonymous checked (It has to do nothing with the SPAM going out from your Exchange server)
You see alot of Spam going out as you can see in the Queue (Can you please check in the queue that most of the emails which are being sent are from which DOMAIN?)
My concern is that Have you enabled SMTP Rely on your Exchange Server ?(which enables anonymous users to send email using your exchange server without having the account in your Exchange Organization)
There are many spamers that use port scanning to list down all the exchnage servers that have SMTO relly open and than they send email using that.