切换到宽版
  • 49119阅读
  • 17回复

[求助]Exchange2010大量邮件积压在队列中 [复制链接]

上一主题 下一主题
 
只看楼主 倒序阅读 0楼  发表于: 2011-07-12
    一波未平一波又起,之前邮件服务器无法接收外部邮件的问题刚解决了。解决的办法是重装了集线器传输服务器。在重装完成之后,可以正常收发邮件了。但是又出现了新的问题。邮件队列中每天出现大量的垃圾邮件。如下图所示:

-------------------------------------------------------------------------------------------------------------------------------
在信息中可以看到堆积了大量的邮件。

双击打开一个,显示的错误信息如下图所示:


求助,不知道这样的情况,是否说明邮件服务器被中继了? 是的话如何操作。  每天都会有大量的这种垃圾邮件。

分享到

只看该作者 1楼  发表于: 2011-07-13
您好,通过以下网站可以测试您的Exchange是否被中继:www.checkor.com

如果无法访问此站点,可以将exchange的接受连接器导出:GET-RECEIVECONNECTOR |FL,查看匿名用户是否有收发权限。另外通过Get-ACCEPTEDDOMAIN |FL可以查看是否有允许中继的邮件域。
Exchange中文站10周年献礼。Exchange2016中文视频教程热销中:edu.exchangecn.com/course/12
只看该作者 2楼  发表于: 2011-07-13
被中级继了
只看该作者 3楼  发表于: 2011-07-13


使用命令查看的结果如下:
[PS] C:\Windows\system32>Get-ReceiveConnector |fl

RunspaceId                              : 34397c11-1dd3-4735-b904-96145a186240
AuthMechanism                           : Tls, Integrated, BasicAuth, BasicAuthRequireTLS, ExchangeServer
Banner                                  :
BinaryMimeEnabled                       : True
Bindings                                : {:::25, 0.0.0.0:25}
ChunkingEnabled                         : True
DefaultDomain                           :
DeliveryStatusNotificationEnabled       : True
EightBitMimeEnabled                     : True
DomainSecureEnabled                     : False
EnhancedStatusCodesEnabled              : True
LongAddressesEnabled                    : False
OrarEnabled                             : False
SuppressXAnonymousTls                   : False
AdvertiseClientSettings                 : False
Fqdn                                    : dag-3.wodeyuming.com
Comment                                 :
Enabled                                 : True
ConnectionTimeout                       : 00:10:00
ConnectionInactivityTimeout             : 00:05:00
MessageRateLimit                        : unlimited
MessageRateSource                       : IPAddress
MaxInboundConnection                    : 5000
MaxInboundConnectionPerSource           : unlimited
MaxInboundConnectionPercentagePerSource : 100
MaxHeaderSize                           : 64 KB (65,536 bytes)
MaxHopCount                             : 30
MaxLocalHopCount                        : 8
MaxLogonFailures                        : 3
MaxMessageSize                          : 10 MB (10,485,760 bytes)
MaxProtocolErrors                       : 5
MaxRecipientsPerMessage                 : 5000
PermissionGroups                        : AnonymousUsers, ExchangeUsers, ExchangeServers, ExchangeLegacyServers
PipeliningEnabled                       : True
ProtocolLoggingLevel                    : None
RemoteIPRanges                          : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}
RequireEHLODomain                       : False
RequireTLS                              : False
EnableAuthGSSAPI                        : False
LiveCredentialEnabled                   : False
Server                                  : DAG-3
SizeEnabled                             : EnabledWithoutValue
TarpitInterval                          : 00:00:05
MaxAcknowledgementDelay                 : 00:00:30
AdminDisplayName                        :
ExchangeVersion                         : 0.1 (8.0.535.0)
Name                                    : Default DAG-3
DistinguishedName                       : CN=Default DAG-3,CN=SMTP Receive Connectors,CN=Protocols,CN=DAG-3,CN=Servers,
                                          CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,C
                                          N=wodeyuming,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=wonders
                                          ervice,DC=com
Identity                                : DAG-3\Default DAG-3
Guid                                    : 6718036c-08db-40fc-b4d6-32df97c091e2
ObjectCategory                          : wodeyuming.com/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass                             : {top, msExchSmtpReceiveConnector}
WhenChanged                             : 2011/7/9 20:25:43
WhenCreated                             : 2011/6/28 21:07:58
WhenChangedUTC                          : 2011/7/9 12:25:43
WhenCreatedUTC                          : 2011/6/28 13:07:58
OrganizationId                          :
OriginatingServer                       : mail.wodeyuming.com
IsValid                                 : True
RunspaceId                              : 34397c11-1dd3-4735-b904-96145a186240
AuthMechanism                           : Tls, Integrated, BasicAuth, BasicAuthRequireTLS
Banner                                  :
BinaryMimeEnabled                       : True
Bindings                                : {:::587, 0.0.0.0:587}
ChunkingEnabled                         : True
DefaultDomain                           :
DeliveryStatusNotificationEnabled       : True
EightBitMimeEnabled                     : True
DomainSecureEnabled                     : False
EnhancedStatusCodesEnabled              : True
LongAddressesEnabled                    : False
OrarEnabled                             : False
SuppressXAnonymousTls                   : False
AdvertiseClientSettings                 : False
Fqdn                                    : dag-3.wodeyuming.com
Comment                                 :
Enabled                                 : True
ConnectionTimeout                       : 00:10:00
ConnectionInactivityTimeout             : 00:05:00
MessageRateLimit                        : 5
MessageRateSource                       : User
MaxInboundConnection                    : 5000
MaxInboundConnectionPerSource           : 20
MaxInboundConnectionPercentagePerSource : 2
MaxHeaderSize                           : 64 KB (65,536 bytes)
MaxHopCount                             : 30
MaxLocalHopCount                        : 8
MaxLogonFailures                        : 3
MaxMessageSize                          : 10 MB (10,485,760 bytes)
MaxProtocolErrors                       : 5
MaxRecipientsPerMessage                 : 200
PermissionGroups                        : AnonymousUsers, ExchangeUsers, ExchangeServers
PipeliningEnabled                       : True
ProtocolLoggingLevel                    : None
RemoteIPRanges                          : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}
RequireEHLODomain                       : False
RequireTLS                              : False
EnableAuthGSSAPI                        : True
LiveCredentialEnabled                   : False
Server                                  : DAG-3
SizeEnabled                             : Enabled
TarpitInterval                          : 00:00:05
MaxAcknowledgementDelay                 : 00:00:30
AdminDisplayName                        :
ExchangeVersion                         : 0.1 (8.0.535.0)
Name                                    : Client DAG-3
DistinguishedName                       : CN=Client DAG-3,CN=SMTP Receive Connectors,CN=Protocols,CN=DAG-3,CN=Servers,C
                                          N=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN
                                          =wodeyuming,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=wonderse
                                          rvice,DC=com
Identity                                : DAG-3\Client DAG-3
Guid                                    : 79568eff-add3-4b91-b1ea-31c5f4a57f33
ObjectCategory                          : wodeyuming.com/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass                             : {top, msExchSmtpReceiveConnector}
WhenChanged                             : 2011/7/6 10:18:37
WhenCreated                             : 2011/6/28 21:07:58
WhenChangedUTC                          : 2011/7/6 2:18:37
WhenCreatedUTC                          : 2011/6/28 13:07:58
OrganizationId                          :
OriginatingServer                       : mail.wodeyuming.com
IsValid                                 : True


[PS] C:\Windows\system32>Get-AcceptedDomain


这些都是我添加的权威域。

接受连接器,client和default的全选里面,都是允许匿名的。
只看该作者 4楼  发表于: 2011-07-13
回 2楼(aaron-gy) 的帖子
请问解决办法是什么呢? 邮件服务器一直处于这种运行状况。大致运行了一年多了。 这是一次出现这种问题

只看该作者 5楼  发表于: 2011-07-16
回 4楼(g丶妖精) 的帖子
Get-ReceiveConnector "Default DAG-3" | Get-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" |fl

看看有没有ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"这个权限

参考:http://technet.microsoft.com/en-us/library/bb232021.aspx
只看该作者 6楼  发表于: 2011-07-19
[PS] C:\Windows\system32>Get-ReceiveConnector "Default DAG-3" | Get-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" |f
l


User                : NT AUTHORITY\ANONYMOUS LOGON
Identity            : DAG-3\Default DAG-3
Deny                : False
AccessRights        : {ExtendedRight}
IsInherited         : True
Properties          :
ChildObjectTypes    :
InheritedObjectType :
InheritanceType     : All

User                : NT AUTHORITY\ANONYMOUS LOGON
Identity            : DAG-3\Default DAG-3
Deny                : False
AccessRights        : {ExtendedRight}
IsInherited         : True
Properties          :
ChildObjectTypes    :
InheritedObjectType :
InheritanceType     : All

User                : NT AUTHORITY\ANONYMOUS LOGON
Identity            : DAG-3\Default DAG-3
Deny                : False
AccessRights        : {GenericRead}
IsInherited         : True
Properties          :
ChildObjectTypes    :
InheritedObjectType : ms-Exch-Public-MDB
InheritanceType     : Descendents

User                : NT AUTHORITY\ANONYMOUS LOGON
Identity            : DAG-3\Default DAG-3
Deny                : False
AccessRights        : {GenericRead}
IsInherited         : True
Properties          :
ChildObjectTypes    :
InheritedObjectType : ms-Exch-Private-MDB
InheritanceType     : Descendents  
命令执行显示结果如上。
只看该作者 7楼  发表于: 2011-08-31
这个问题有没有人解决呀,我现在的邮件服务器也是这样的问题(exchange 2010),自从用了2010后,问题就不断的出现。
我发现其中有两个邮件地址一直向外发邮件,但是地址不是我公司内的。原发件的IP在2010上做了阻止,删除队列中的邮件
Remove-Message -Filter {FromAddress -eq "info@admin.net"} -WithNDR $false
Remove-Message -Filter {FromAddress -eq "info@lee.com"} -WithNDR $false
Remove-Message -Filter {FromAddress -eq "<>"} -WithNDR $false

但是删除了,一直在不断的生成,不知道是什么原因,楼上说是不是被中继了,怎么样查是否被中继了?
这个问题不知道怎么解决!

只看该作者 8楼  发表于: 2011-08-31
到下列网站测试看看是否open relay:

http://www.checkor.com/

如果是的话,执行下列命令关闭open relay:

Get-ReceiveConnector “YourReceiveConnectorName” | Remove-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “ms-Exch-SMTP-Accept-Any-Recipient”

注:替换“YourReceiveConnectorName”为你的实际接收连接器名称
只看该作者 9楼  发表于: 2011-09-01
220 xxxxxxxxMicrosoft ESMTP MAIL Service ready at Thu, 1 Sep 2011 13:54:14 +0800
HELO ortest.checkor.com
250 xxxxxxxxHello [8.23.224.110]
RSET
250 2.0.0 Resetting
MAIL FROM: test@checkor.com
250 2.1.0 Sender OK
RCPT TO: test1@checkor.com
550 5.7.1 Unable to relay




RSET
250 2.0.0 Resetting
MAIL FROM: xxxxxxxx
501 5.1.7 Invalid address
RCPT TO: test1@checkor.com
503 5.5.2 Need mail command




RSET
250 2.0.0 Resetting
MAIL FROM:
250 2.1.0 Sender OK
RCPT TO: test1@checkor.com
550 5.7.1 Unable to relay




RSET
250 2.0.0 Resetting
MAIL FROM: spam@xxxxxxxx
250 2.1.0 Sender OK
RCPT TO: test1@checkor.com
550 5.7.1 Unable to relay




RSET
250 2.0.0 Resetting
MAIL FROM: spam@xxxxxxxx
250 2.1.0 Sender OK
RCPT TO: test1@mail.tydenchina.com
550 5.7.1 Unable to relay




RSET
250 2.0.0 Resetting
MAIL FROM: spam@xxxxxxxx
250 2.1.0 Sender OK
RCPT TO: test1@test.com@
550 5.7.1 Unable to relay




RSET
250 2.0.0 Resetting
MAIL FROM: spam@
250 2.1.0 Sender OK
RCPT TO: xxxxxxxx
:spamtest@checkor.com
550 5.7.1 Unable to relay

测试的结果是这样的,但是不知道是什么意思?请教?
快速回复
限60 字节
 
上一个 下一个