Exchange 2007 queue question
When I go into Exchange 2007 queue viewer on two hub transport servers, they get a lot of messages "<>" , but on my third server I usually get none of these in the queue. Is there a setting perhaps I am missing on the two servers? These emails usually don't go anywhere. We usually delete all of them.
Thanks in advanced.
January 27th, 2009 1:32pm
Hi,
These messages are most likely NDR's sent in response to spam mails sent to users that don't exist in your environment (and the NDR's can't be delivered because of sender spoofing).
I assume that your HUB transport servers are sending mails directly to the internet and not using edge servers.
It is safe to delete these mails - they should also disappear after 48 hours by default
Leif
Free Windows Admin Tool Kit Click here and download it now
January 27th, 2009 4:16pm
For more information about this type of spam see:
http://www.windowsecurity.com/articles/Email-Spoofing.html
You should also consider creating SPF records in order to fight this type of spam methods:
http://www.microsoft.com/mscorp/safety/technologies/senderid/overview.mspx
Henrik Walther
Exchange MVP | MCM: E2K7 | MCITP: EMA/EA | MCSE: M+S - MSExchange.org
January 27th, 2009 5:29pm
If we useSender Policy Framework (SPF), would we still be able to send to domains that might not use this feature. How hard is this to setup? What are the Pro and cons for using this technology?
Free Windows Admin Tool Kit Click here and download it now
January 28th, 2009 4:31am
Sabo: SPF(which overlaps in part with Microsoft's SenderID) will not impact your ability to send mail to domains that don't use or recognize SPF. It will simply help domains that do recognize/honor the record to determine if mail sent from on behalf of your domain originated from a server that you trust. As such, if someone elsesends mail from an address at your domain then it is more likely to be marked as junk mail. Setting up an SPF record is really easy - Microsoft has a wizard that will walk you through the process.
In addition, you can setup your Exchange server to recognize SPF/SenderID records. This is normally done on your Edge Transport server. If you are running a Hub Server that is also a Client Access server and want it to talk directly to the internet then you can enable spam filtering on that server by running the "install-AntispamAgents" cmdlet at the Exchange Management Shell. After that, you can configure this in "Organization Configuration: Hub Transport: Anti-Spam: SenderID" (although your configuration options are pretty minimal). That said, if you are in factrunning this scenario then I strongly recommend you read and implement the Exchange Team Blog's best practices as outlined in their article "Configuring Exchange 2007 Hub Transport role to receive Internet mail".
Jeremy
January 28th, 2009 9:34am
Jeremy,Thanks for the information
Free Windows Admin Tool Kit Click here and download it now
February 2nd, 2009 8:15pm