I am apparently spamming the world (about 1000 a day) but cannot figure out how. Mxtoolbox does not list me as an open relay and I have disabled all relays that I can find. I have run every virus scan known to man. The only way I can stop it is to disable anonymous access under "access->authentication" on the default smtp virtual server. Unfortunately, this also stops all incoming email from reaching us, though outgoing still works. When I have this checked, I can watch the "current sessions" and they are almost nonstop. How can I eat my cake and have it too?

  • 11

1 Answers1


Your best bet might be to install a hardware spam filter (or a virtual appliance) to not only filter your spam but also disallow people from using it as an open relay, especially if they happen to be on a spam blacklist. Sad thing is, there are provisions in the SMTP RFC that allow you to detect and block people doing this. These are either not available in Exchange 2003 or are simply turned off by default.

NearlyFreeSpeech lists their spam detection strategies at https://www.nearlyfreespeech.net/about/email and it really boils down to a few simple requirements, things that 90% of the spam sent via your mail server would fail to have:

  • Reverse DNS with a forward DNS that matches (i.e. resolves to, and also resolves to;
  • A and MX DNS records for the domain being sent
  • SPF if available
  • Not on a spam blacklist

A reputable spam filter will check these; a good mail server package will do the same, but a spam filter can go into content and look for spam there as well. It really comes down to needs in the end.

Aaron Mason
  • 703
  • 6
  • 19