I've gone through this before and find it to be of little help. Unfortunately I cannot grasp how to allow relay for whitnall.com ONLY and not any other domain. I'm not sure whether I should use authentication or not, and if so, what type of authentication, etc. I need someone that has IIS SMTP running to lend a hand if possible.
> This article discusses setting up the SMTP service to relay, so there may be > some hints in here.... > > http://support.microsoft.com/support/kb/articles/q230/2/35.asp > > -----Original Message----- > From: Jesse Rink [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, November 21, 2001 11:26 AM > To: MS-Exchange Admin Issues > Subject: RE: My IIS SMTP is being used as a relay - need help stopping > this > > > I'm not sure where to find the source of the IP address where the emails > are coming from. In addition, blocking that one IP doesn't stop others > from using my IIS SMTP relay as a relay point, just that one address I > believe so I need a more permanent fix. Thanks. > > > > Block the IP at the router... > > > > Kevinm M WLKMMAS, UCC+WCA, CKWSE > > > > > > -----Original Message----- > > From: Jesse Rink [mailto:[EMAIL PROTECTED]] > > Sent: Wednesday, November 21, 2001 7:09 AM > > To: MS-Exchange Admin Issues > > Subject: RE: My IIS SMTP is being used as a relay - need help stopping > > this > > > > > > Heh, yeah... I guess so. Anyway, if you can lend a hand, please let me > > know. This is very frustrating. My queue is getting TONS of messages > > per minute from these spammers and I need to get it fixed as it's using > > up to about 30% of our incoming T1 bandwidth. > > > > > Well, then I must modify my band camp scenario... : > > > > > > > Kevinm M WLKMMAS, UCC+WCA, CKWSE > > > > > > > > > -----Original Message----- > > > From: Jesse Rink [mailto:[EMAIL PROTECTED]] > > > Sent: Wednesday, November 21, 2001 7:01 AM > > > To: MS-Exchange Admin Issues > > > Subject: RE: My IIS SMTP is being used as a relay - need help stopping > > > this > > > > > > > > > 3 reasons why I know (in order of finding them out) > > > > > > 1. The amount of incoming traffic on our T1 increased about 40x as of > > > yesterday. 2. The # of messages in the IIS SMTP relay /queue directory > > > > > is constantly around 1500 messages and are FROM: a domain that is not > > > my domain (some dude sending hotmail.com messages about a porn site). > > > 3. I went to www.abuse.net and used their smtp relay abuse test and > > > the results showed that my server could be used as a relay. > > > > > > :) or should I say, :( heh.. Need help figuring out what to change in > > > > > IIS SMTP now.. Thanks! > > > > > > > > > > How do you know you are being used as a relay? > > > > > > > > Kevinm M WLKMMAS, UCC+WCA, CKWSE > > > > > > > > > > > > -----Original Message----- > > > > From: Jesse Rink [mailto:[EMAIL PROTECTED]] > > > > Sent: Wednesday, November 21, 2001 6:35 AM > > > > To: MS-Exchange Admin Issues > > > > Subject: My IIS SMTP is being used as a relay - need help stopping > > > this > > > > > > > > > > > > Well, after making sure my IIS 4.0 SMTP relay server was not > > > > infected by the NIMDA virus and applying all the MS01-044 IIS > > > > cumulative security bulletin, I am still being used as a relay > > > > point. > > > > > > > > The most confusing thing is: I can't understand how they are doing > > > > it because when I telnet into the IIS SMTP relay from HOME, it > > > > DOESN'T allow me to relay. The following shows up: > > > > > > > > 220-w-smtp01.whitnall.com Microsoft SMTP MAIL ready at Wed, 21 Nov > > > > 2001 08:16:19 -0600 Version: 5.5.1877.197.19 > > > > 220 ESMTP spoken here > > > > > > > > At this point I try and type "Helo me", "Mail From:", or other > > > > commands, and they ALL fail with either a) a 550 error, b) no > > > > response. > > > > > > > > If on the other hand, I telnet into the SMTP relay from a PC here on > > > > the LAN I can issue "Helo me", "Mail From:" or other commands and > > use > > > > it as a relay without problem. > > > > > > > > What I'm looking for is someone running IIS SMTP services to help me > > > > out here. My IIS SMTP relay is in my DMZ Interface and my (1) > > > > Exchange server is on the Inside Interface of the firewall. I'm > > > > worried that our domain will start getting banned or black listed (I > > > > > > heard this happens) because we are being used as a relay point. > > This > > > > is the 2nd day it's been occuring and I need to get this fixed soon. > > > > > > > > If you can help, please let me know. Thanks. > > > > > > > > Jesse Rink > > > > [EMAIL PROTECTED] > > > > > > > > List Charter and FAQ at: > > > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > > > List Charter and FAQ at: > > > http://www.sunbelt-software.com/exchange_list_charter.htm > > > > List Charter and FAQ at: > > http://www.sunbelt-software.com/exchange_list_charter.htm > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm