get-AntispamTopBlockedSenderDomain s.ps1 reports my internal domain at top
I went fully live with Exchange 2007 decommissioning my Exchange 2003 box this weekend, and decided to view the spam reports. Running the get-AntispamTopBlockedSenderDomains.ps1 script, I see my hosted domain is at the top with almost 10,000 blocked emails since this weekend with the second highest domain at only 1400. I've done open relay checks and am not an open relay. I'm not sure how to interpret the results of this report and I couldn't find much on google about it. Any help would be greatly appreciated!
March 8th, 2011 9:42pm

· Hi, There are two settings will turn Exchange server 2007 in an open relay. 1. First thing is to check that you have not enabled "Externally Secured" on the Send and Receive Connectors that is exposed to the internet. If you are using an Edge server then force an Edge Sync to take place using the command "Start-EdgeSynchronization" 2. Ensure that you haven't set an Accepted domain as *, which turns the server in to an open relay. Note: Don’t forget restarting the Microsoft Exchange Transport Service. 3. Using the get-AntispamTopBlockedSenderDomains.ps1 script we can see which domains were most responsible for spam being sent to our organization. Although this information is useful it is also often misleading due to address spoofing. we also need to specify if this information is coming from p1 or p2, where P1 information comes from message envelope (from header field) and p2 comes from message header (from header field).Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
March 10th, 2011 3:22am

Hi, We have the same problem. My internal domain is also top listed! The edge-synchronization is running well. When I run a open relay check at mxtoolbox.com there are no isues. Also anti-spam updates works fine. We also use Forefront for Exchange. Please help!
May 17th, 2011 4:33am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics