Open Relay Issues with SBS 2003

Tutorials Win: Microsoft Windows Forum

I'm running SBS 2003 Standard with SP2. All of a sudden my server is
starting to get blacklisted due to open relay issues. Nothing has changed,
however. I have verified the relay restrictions on the Default SMTP Virtual
Server and they're the standard settings that are usually on an SBS server
following the use of the Internet Connection Wizard. The granted IPs are
127.0.0.1, 192.168.16.2 (255.255.255.0) and my external LAN NIC, which is a
valid IP address. The "Allow all computers which successfully..." checkmark
is selected as well. I do have a valid reverse DNS entry and MX record on
my external DNS record. I am using the standard R&RA firewall settings that
comes with SBS Standard.

What is wierd is that some of the external open relay tests come back
negative and some come back possitive even thought I'm using the same
IP/host when running the tests. I've used http://www.abuse.net/relay.html,
http://www.spamhelp.org/shopenrelay/ and also followed the Microsoft KB to
test for open relay, which comes back negative. It seems that the tests
that run multiple open relay checks at the same time are getting a few
through, but the ones that run a single test comes back blocked/negative.

Any thoughts or suggestions would be gladly accepted.

Ken
Top

Re: Open Relay Issues with SBS 2003 by SteveB

SteveB
Thu Jun 26 08:25:28 PDT 2008

You should uncheck the "Allow all computers which successfully..." box.

"Ken Sheppard" <ksheppard31@hotmail.com> wrote in message
news:1034A7C9-741D-4C96-9482-7E9B9FD5ABBF@microsoft.com...
> I'm running SBS 2003 Standard with SP2. All of a sudden my server is
> starting to get blacklisted due to open relay issues. Nothing has
> changed, however. I have verified the relay restrictions on the Default
> SMTP Virtual Server and they're the standard settings that are usually on
> an SBS server following the use of the Internet Connection Wizard. The
> granted IPs are 127.0.0.1, 192.168.16.2 (255.255.255.0) and my external
> LAN NIC, which is a valid IP address. The "Allow all computers which
> successfully..." checkmark is selected as well. I do have a valid reverse
> DNS entry and MX record on my external DNS record. I am using the
> standard R&RA firewall settings that comes with SBS Standard.
>
> What is wierd is that some of the external open relay tests come back
> negative and some come back possitive even thought I'm using the same
> IP/host when running the tests. I've used
> http://www.abuse.net/relay.html, http://www.spamhelp.org/shopenrelay/ and
> also followed the Microsoft KB to test for open relay, which comes back
> negative. It seems that the tests that run multiple open relay checks at
> the same time are getting a few through, but the ones that run a single
> test comes back blocked/negative.
>
> Any thoughts or suggestions would be gladly accepted.
>
> Ken


Top

Re: Open Relay Issues with SBS 2003 by Cliff

Cliff
Thu Jun 26 09:45:29 PDT 2008

Most configurations don't require you to relay FROM your external NIC.
Depending on other settings in your configuration (authentication, etc) you
may be getting authenticated relays...which could be a sign of a compromised
password. At the very least, remove the external IP from the list. Then
you'll have the time start investigating your accounts.

-Cliff

"Ken Sheppard" <ksheppard31@hotmail.com> wrote in message
news:1034A7C9-741D-4C96-9482-7E9B9FD5ABBF@microsoft.com...
> I'm running SBS 2003 Standard with SP2. All of a sudden my server is
> starting to get blacklisted due to open relay issues. Nothing has
> changed, however. I have verified the relay restrictions on the Default
> SMTP Virtual Server and they're the standard settings that are usually on
> an SBS server following the use of the Internet Connection Wizard. The
> granted IPs are 127.0.0.1, 192.168.16.2 (255.255.255.0) and my external
> LAN NIC, which is a valid IP address. The "Allow all computers which
> successfully..." checkmark is selected as well. I do have a valid reverse
> DNS entry and MX record on my external DNS record. I am using the
> standard R&RA firewall settings that comes with SBS Standard.
>
> What is wierd is that some of the external open relay tests come back
> negative and some come back possitive even thought I'm using the same
> IP/host when running the tests. I've used
> http://www.abuse.net/relay.html, http://www.spamhelp.org/shopenrelay/ and
> also followed the Microsoft KB to test for open relay, which comes back
> negative. It seems that the tests that run multiple open relay checks at
> the same time are getting a few through, but the ones that run a single
> test comes back blocked/negative.
>
> Any thoughts or suggestions would be gladly accepted.
>
> Ken

Top