Microsoft Exchange SMTP Open Relay

Discussion in 'Microsoft Exchange' started by usaf, Aug 3, 2009.

  1. usaf

    usaf New Email

    Joined:
    Aug 3, 2009
    Messages:
    1
    Likes Received:
    0
    Hi,

    I'm using exchange server and i can see in logs their are emails which are sending out from somedomain to someotherdomain which i really dont know about. But when I do some test on open relays, it says 'unable to relay' Here are some tcp stream which I captured of an email session.

    Code:
    220 mail.[COLOR="SeaGreen"][B]mydomain[/B][/COLOR].co.uk Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 
    ready at  Mon, 6 Jul 2009 15:14:18 +0100 
    EHLO win
    250-mail.[COLOR="SeaGreen"][B]mydomain[/B][/COLOR].co.uk Hello [121.247.163.59]
    250-TURN
    250-SIZE
    250-ETRN
    250-PIPELINING
    250-DSN
    250-ENHANCEDSTATUSCODES
    250-8bitmime
    250-BINARYMIME
    250-CHUNKING
    250-VRFY
    250-X-EXPS GSSAPI NTLM LOGIN
    250-X-EXPS=LOGIN
    250-AUTH GSSAPI NTLM LOGIN
    250-AUTH=LOGIN
    250-X-LINK2STATE
    250-XEXCH50
    250 OK
    MAIL FROM: <cadgers9 '@' securpress.ru>
    RCPT TO: <dldchi '@' mydomain.co.uk>
    DATA
    250 2.1.0 cadgers9 '@' securpress.ru....Sender OK
    550 5.7.1 The IP address 121.247.163.59 was rejected by the 
    Realtime Block List provider bl.spamcop.net. 
    Please Call us to remove your Email from Filter 503 5.5.2 Need Rcpt command.
    

    Here are Email Headers

    Code:
    Reporting-MTA: dns; mx.mailprotect.be
    X-Postfix-Queue-ID: 1572C5802997
    X-Postfix-Sender: rfc822; myemail@mydomain.co.uk
    Arrival-Date: Sat,  1 Aug 2009 09:57:11 +0200 (CEST)
    
    
    Final-Recipient: rfc822; pouch@eurocustoms.org
    Original-Recipient: rfc822;pouch@eurocustoms.org
    Action: failed
    Status: 5.0.0
    Remote-MTA: dns; distributor.mailprotect.be
    Diagnostic-Code: smtp; 550 cuda_nsu 5.1.1 <pouch@eurocustoms.org>... User
        unknown
    
    Code:
    Received: from wilaya-4603d0f8 (unknown [41.201.104.183])
    	by mx.mailprotect.be (Postfix) with SMTP id 1572C5802997
    	for <pouch@eurocustoms.org>; Sat,  1 Aug 2009 09:57:11 +0200 (CEST)
    To: <pouch@eurocustoms.org>
    Subject: RE::Message-- JULY 77% OFF!
    From: "VIAGRA ® Official Site" <pouch@eurocustoms.org>
    MIME-Version: 1.0
    Importance: High
    Content-Type: text/html; charset="ISO-8859-1"
    Content-Transfer-Encoding: 7bit
    Message-Id: <20090801075712.1572C5802997@mx.mailprotect.be>
    Date: Sat,  1 Aug 2009 09:57:11 +0200 (CEST)
    
     


  2. popowich

    popowich EQ Forum Admin Staff Member

    Joined:
    Aug 12, 2008
    Messages:
    8,983
    Likes Received:
    120
    What is the IP address for your exchange server?

    We can help with the open relay tests.

    I tried 121.247.163.59 but that was not accepting connections on port 25.

    -Raymond
     

Want to reply or ask your own question?

It only takes a minute to sign up (and it's free!). Click the orange sign up button to choose a username and then you can ask your own questions on the forum.
Loading...