"Are you allowing mail relaying on your internal network? ESM>SMTP>Default SMTP>Access>Relay (Any exclusions here at all?)"
There are no computers listed here, but the box below is checked: Allow all computers which successfully authenticate to relay, regardless of the list above. I'll look into that website. Thanks, ________________________________ From: Sam Cayze [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 5:52 PM To: NT System Admin Issues Subject: RE: blacklists Are you allowing mail relaying on your internal network? ESM>SMTP>Default SMTP>Access>Relay (Any exclusions here at all?) You cannot change the port/25 if you expect to be able to send mail to other organizations. You can only change the port if you are passing emails off to another server, and then that server sends it out. I think it's time to start looking through your SMTP logs on your mail server. Also, check out http://www.authsmtp.com/ Set your exchange box to send mail through them on a obscure port, and turn off port 25 on all your firewalls. I'm not talking zone alarm, I'm talking about your perimeter hardware firewall. This will get your messages out, and let things calm down to get you off the blacklists. Sam From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 4:35 PM To: NT System Admin Issues Subject: blacklists We've been finding ourself on some blacklists since last week and have basically shut us down. Specifically Spamhaus and Barracuda's. I'm not sure if I have an infected computer on my network sending spam or not. I've requested my ip removed from the blacklists several times, but after a day or two I'm back on. I've got a window to post this question before it happens again. Here's what I have. One Domain, two locations connected via PTP T1 (Adtrans). All Internet access is at one location where I have my Mail Server 2003 (Ninja) and a Watchguard Firewall. All clients (about 200) running Symantec AV. I don't have really the tools or knowledge to run any packet capture software (or anything else) to determine if I have an owned machine, but while I am working on that is there any way to close my firewall to outbound mail traffic while still letting my Exchange out? Do infected computers send email thru port 25 like Exchange? If so, can I block that port and change the port Exchange uses to send? If so, how? This may take me awhile, but I'd like to stay off the blacklists in the mean time. One thing I've done is installed Zone Alarm on my pc to see if I can catch any of my local computers scanning my network. After the install it asked if I wanted my Outlook to act as a Server. The info button showed that it should be ok to do, but I said "no". My email seems to be working but I keep getting notifications that ZA is blocking internet access to my computer from my mail server. This is probably nothing. Thanks for any suggestions. Paul Everett IS Dept. Lee Mental Health Center 239-791-1551 "Lee Mental Health Center, Inc. providing services through Ruth Cooper Center for Behavioral Health Care and VISTA Behavioral Crisis Services. Visit our website at www.leementalhealth.org <blocked::http://www.leementalhealth.org/> to learn more." Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message, including attachments. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
