Proper setup
I admit being far from a server admin, but the only issue that we seem to have hit is a recent (and dramatic) increase in disk usage, to the point that it slows the server down. Some tinkering showed that it is from the SMTP server: when stopped, the hard drive gets a break (but of course no e-mail moves). When turned on, the usage jumps. In six days, we had nearly 750,000 files in the Badmail folder, so obviously (I think) the server is relaying (we are small; we don't send 750,000 total e-mails in a year!). Some reading led me to un-check the 'Allow all computers which successfully authenticate to relay, regardless of the list above' box in the Relay portion. We listed only the network addresses and two outside IPs that we use within the list. I also read to list only the IP addresses that should have access within the Connection section, but when we do this we receive no incoming e-mail from the outside world. What is the correct setup to ensure that our server is not relaying spam for some outside source, yet allows all legitimate incoming and outgoing e-mail? This has been such a puzzle for us, and I just cannot figure it out. Thanks in advance for any help. Rick
December 31st, 2007 9:02am

I presume that you are running Exchange Server 2003? The default SMTP Virtual Server Properties should be fine for you. These are:

- Anonymous Access
- Allow ONLY the list below to Relay

No public IPs should be included in the list, only the private IPs of Mail Relays / Gateways / Exchange Servers in your network.

Also check whether you have an SMTP connector. There is a check box on the Domains page for "Allow Relaying to these domains" (or something similar; bear with me as I am working from memory). This should NOT be checked.

Provided the above are met, mail should route fine, since external email sent to your domain is not "relayed" through your server but submitted to your server. Only emails from your (or another) domain to another domain will be considered "relayed".

Also make sure you do not have malware of any sort on your servers / clients, as this can cause similar problems, especially if you have a mass-mailer worm.
December 31st, 2007 12:58pm

I am sorry, yes, we are running Exchange 2003 on SBS 2003. Essentially all that I have changed from the default settings is to un-check the Anonymous Access box in the Relay portion (but only after the issues of the past two weeks), and to list the IP address for the network (which is all behind a single router, hence adding a single IP), and the IP addresses for two outside computers that are part of our business, simply at different locations. When I also enter these IP addresses into the Connection section, the hard drive gets a break, the Queue drops, and the Queue folder stays empty. But we also get no incoming e-mail. When I allow all IPs in the Connection window, then the hard drive runs nearly constantly, the Queue jumps (for example, we show in excess of 1000 e-mails in the Queue, and they are most definitely not from us), and the Badmail folder fills virtually as fast as we can empty it (43000 files in 8 hours). I looked, and the SMTP connector does not have the box for relaying checked. Is there something else that would cause these problems that is not related to someone relaying through our server? Is there any software or place to run the server through a test for malware? The server itself is simply a gateway for our web access, e-mail, and hosting our websites. We do not actually use the server to run any separate usable programs, so I cannot imagine there being malware on the server, but it is worth checking at this point.
December 31st, 2007 6:32pm

OK, at this stage I am pretty certain that the problem is related to an Open Relay on your SMTP Virtual Server. Again, set it up as follows:

1 - Anonymous Access = Allowed
2 - Allow ONLY the list Below to Relay (Add the computers you wish to allow relaying ONLY - the ones in the remote site in particular)
3 - Allow All computers which successfully authenticate to relay regardless of the list above

Now you should be able to receive email without permitting other users to relay.

Malware can be scanned using any AV Software. I would recommend using Kaspersky myself. If you go to their website, you can download a fully functional 30-day trial version and use that to scan your server.
January 2nd, 2008 7:42am
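
The distinction drawn in the replies above (mail addressed to your own domain is submitted, mail addressed to another domain is relayed) can be checked against the SMTP service log. The following is an added example, not part of the original thread: it assumes W3C Extended logging is enabled with the `c-ip`, `cs-method`, `cs-uri-query` and `sc-status` fields selected, and the domain, network range and log lines are constructed placeholders.

```python
import ipaddress
from collections import Counter

# Constructed sample log (W3C Extended format); not taken from the thread.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-query sc-status
2007-12-30 10:00:01 203.0.113.50 MAIL +FROM:<a@spam.example> 250
2007-12-30 10:00:02 203.0.113.50 RCPT +TO:<victim@other.example> 250
2007-12-30 10:00:03 203.0.113.50 RCPT +TO:<victim2@other.example> 250
2007-12-30 10:01:00 198.51.100.7 RCPT +TO:<rick@ourdomain.example> 250
2007-12-30 10:02:00 192.168.16.20 RCPT +TO:<client@partner.example> 250
2007-12-30 10:03:00 203.0.113.99 RCPT +TO:<x@other.example> 550
"""

LOCAL_DOMAINS = {"ourdomain.example"}                       # placeholder: domains you host
RELAY_ALLOWED = [ipaddress.ip_network("192.168.16.0/24")]   # placeholder: the Relay list

def relay_allowed(ip):
    """True if the client IP is on the relay allow list."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RELAY_ALLOWED)

def classify(log_text):
    """Count RCPT commands for non-local domains from hosts outside the
    relay list, split into accepted (2xx) and refused, per client IP."""
    fields, accepted, refused = [], Counter(), Counter()
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]        # column names for following rows
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        if row.get("cs-method", "").upper() != "RCPT":
            continue
        query = row.get("cs-uri-query", "")
        if "@" not in query:
            continue
        domain = query.rsplit("@", 1)[1].rstrip(">").lower()
        if domain in LOCAL_DOMAINS or relay_allowed(row["c-ip"]):
            continue                          # inbound delivery or permitted relay
        bucket = accepted if row.get("sc-status", "").startswith("2") else refused
        bucket[row["c-ip"]] += 1
    return accepted, refused
```

Any entry in the accepted counter is a host outside the relay list whose mail for a foreign domain was taken by the server; the script does not distinguish clients that authenticated first, so those need to be checked separately.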

This topic is archived. No further replies will be accepted.
