Clear outgoing spam problems on your Exchange 2003 server / network

Today I had to sort out a client’s mail server after BT disconnected them from all broadband access. Their server had sent out 108 000 spam e-mails, and the mail queues were full, trying to send more.

They had to contact BT, and ask them to re-connect their broadband service, so that I could remotely login and take a look into the issue.

First thing I did once I got access was disable their SMTP Service. To do this, right-click My Computer, go to “Manage”, expand “Services and Applications”, double-click on Services, and scroll down to Simple Mail Transport Protocol Service. Right-click it, and select Stop. This will halt all outgoing mail.

From this point, I logged into the router (which happened to be a Netgear DG834), and checked the firewall logs. I could see tons of SMTP connections from external IP addresses. First of all I thought, let me just secure the firewall – this hadn’t been done on this particular router.

I went to the Firewall settings, and made some rules as follows:
Outbound traffic:
Allow SMTP(25) for single IP address on the internal LAN (192.168.16.2) – this is the IP of the mail server.
Disallow SMTP(25) for all IP addresses on internal LAN. (The above rule for the server overrides this).

I did a test before enabling these rules by using telnet to test outgoing SMTP connections from a few client PCs on the network first.

From command prompt, type: telnet anymailserver.com 25 (replace anymailserver.com with a mail server address such as mail.google.com). I could make a connection using this before the rule was in place; after the rule was enabled I could not, so this firewall rule was working well to block SMTP traffic from any PCs on the network that we didn’t want to be able to send mail. This, by the way, was in case one or more of the PCs had picked up a mass mailing worm that was sending spam directly from the PC. A telnet test from the mail server still worked, as I had explicitly allowed SMTP traffic from its IP address. So that was the internal network locked down. You can tell you have a successful telnet connection on port 25 if the command prompt goes blank, or gives you a mail server welcome message. (See the image below). If you don’t get a connection, the attempt will time out, and say it didn’t manage to connect after a few seconds.

telnet25
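The telnet check above can be scripted so the same test is repeated on each client PC and on the mail server after the firewall rules go in. This is an added example, not part of the original post; the function names and the `--server` switch are hypothetical.

```python
import socket

def smtp_egress(host, port=25, timeout=5.0):
    """Same check as 'telnet host 25'. Returns (state, detail)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            try:
                data = s.recv(512)          # a mail server normally greets with "220 ..."
            except socket.timeout:
                return ("open-silent", "")  # connected, but the screen would stay blank
            line = data.decode("ascii", "replace").strip()
            return ("banner", line) if line.startswith("220") else ("open-silent", line)
    except socket.timeout:
        return ("timeout", "no answer; typical when a firewall drops the packets")
    except ConnectionRefusedError:
        return ("refused", "connection actively rejected")
    except OSError as exc:
        return ("error", str(exc))          # e.g. name lookup failed: inconclusive

def rule_ok(state, is_mail_server):
    """Mail server must get out on port 25; every other LAN host must not."""
    if state == "error":
        return False                        # inconclusive result is not a pass
    reached = state in ("banner", "open-silent")
    return reached if is_mail_server else not reached

if __name__ == "__main__":
    import sys
    # Usage: python <this script> <remote-mail-host> [--server]
    target = sys.argv[1]
    state, detail = smtp_egress(target)
    ok = rule_ok(state, "--server" in sys.argv)
    print(f"{target}:25 -> {state} {detail!r}; firewall rule as intended: {ok}")
```

Run it with `--server` on 192.168.16.2 and without it on the client PCs; a client that still reports `banner` or `open-silent` is not covered by the block rule.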

Another thing to do at this point, would be to ensure the Anti virus is up to date on all PCs and the server, and scan them to ensure they are all clean.

Next up was the Exchange configuration – I checked that relay access was restricted only to the Mail server itself.

Open Exchange System Manager by going to Start menu – Programs, Exchange, Exchange System Manager.

Expand Servers, select your mail server name (In this case it is SBS2003), expand protocols, expand SMTP, and right click on the Default SMTP Virtual Server icon, then select Properties. (See image below)

Exchange System Manager

Once the properties sheet is open, click on the “Access” tab, then click on the “Relay” button.

Ensure that only localhost (127.0.0.1) – the server itself, and the Server’s IP address internally are in the list. So in this case 127.0.0.1 and 192.168.16.2 are in the list, with the option “Only the computers below” selected. Then untick the check box below that list (Allow all computers which successfully authenticate to relay, regardless of the list above). This makes sure that only the server can relay mail. Obviously the situation depends on how your network is set up, so as long as you don’t have other mail servers connecting to this Exchange server then you should be safe un-ticking this option. See image below:

relay_access1

Click Ok, and then Ok once again. Open My computer, and browse to your exchange server’s queue folder. This is usually in C:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue

You would probably have thousands of files in here, so re-name the Queue folder to Queue_old or something like that, and create a new folder called “Queue” in its place. This will ensure a clear queue for when we re-enable the SMTP service.
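The renamed Queue_old folder is also evidence of how the spam got in. The added example below (not part of the original post) tallies which host submitted each queued message, separating external relay use from an infected PC on the LAN. It assumes the queue files are RFC 822 text with an `.eml` extension, that the topmost Received header carries the client IP in square brackets, and that the LAN is 192.168.16.0/24; the sample messages are constructed.

```python
import email
import ipaddress
import re
from collections import Counter
from pathlib import Path

LAN = ipaddress.ip_network("192.168.16.0/24")       # assumption: /24 around the server IP
MAIL_SERVER = ipaddress.ip_address("192.168.16.2")  # mail server IP from the post
BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def submitting_ip(raw):
    """IP in the topmost Received header, i.e. the host that handed us the message."""
    received = email.message_from_bytes(raw).get_all("Received") or []
    match = BRACKETED_IP.search(received[0]) if received else None
    try:
        return ipaddress.ip_address(match.group(1)) if match else None
    except ValueError:                               # malformed value such as [999.1.1.1]
        return None

def classify(ip):
    if ip is None:
        return "unknown"                # no usable Received header (e.g. locally generated)
    if ip == MAIL_SERVER or ip.is_loopback:
        return "server"
    return "internal-client" if ip in LAN else "external-relay"

def triage(messages):
    """messages: iterable of raw RFC 822 bytes -> (count per class, count per IP)."""
    by_class, by_ip = Counter(), Counter()
    for raw in messages:
        ip = submitting_ip(raw)
        by_class[classify(ip)] += 1
        if ip is not None:
            by_ip[str(ip)] += 1
    return by_class, by_ip

def load_queue(folder):
    """Yield raw bytes of each .eml file in the renamed queue folder."""
    return (p.read_bytes() for p in Path(folder).iterdir() if p.suffix.lower() == ".eml")

SAMPLES = [  # constructed messages (documentation-range IPs) standing in for Queue_old files
    b"Received: from a.example ([203.0.113.7]) by SBS2003 with Microsoft SMTPSVC;\r\n"
    b"\t Thu, 1 Jan 2009 10:00:00 +0000\r\nFrom: x@a.example\r\nSubject: s\r\n\r\nbody\r\n",
    b"Received: from b.example ([203.0.113.7]) by SBS2003 with Microsoft SMTPSVC;\r\n"
    b"\t Thu, 1 Jan 2009 10:00:01 +0000\r\nFrom: y@b.example\r\nSubject: s\r\n\r\nbody\r\n",
    b"Received: from pc23 ([192.168.16.23]) by SBS2003 with Microsoft SMTPSVC;\r\n"
    b"\t Thu, 1 Jan 2009 10:00:02 +0000\r\nFrom: z@c.example\r\nSubject: s\r\n\r\nbody\r\n",
    b"From: postmaster@d.example\r\nSubject: Delivery Status Notification\r\n\r\nbody\r\n",
]
```

Call `triage(load_queue(...))` on the Queue_old folder and look at `by_ip.most_common(10)`: a queue dominated by `external-relay` points at the relay settings, while `internal-client` entries name the PCs to scan first.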

Now go to your Services again, and Start the SMTP service, by right-clicking Simple Mail Transport Protocol, and clicking the Start option.

If all goes well, your queues should stay clear of any bad mail, and your network should be able to send mail again.

How to add a user as a local administrator using Windows Server 2008

The computer management console for Server 2008 has changed slightly between now and Windows Server 2003. I was trying to ensure a particular user was set up as a local administrator on a Windows 2008 Small Business Server today, and couldn’t find the option to do this via the GUI. Anyway, for those wondering how this is done using the command prompt, here is the solution.

First you need to run command prompt as an Administrator. Open Computer, go to your C: drive, and navigate to your Windows\System32 directory. Find “cmd.exe”, right-click on it, and select the run as Administrator option. Once at the command prompt, type the following:

net localgroup Administrators /add (domain)\(username)

(Obviously replace (domain)\(username) with your domainname\username that you want to be the local admin) – That is without the brackets.

You should get a message saying the command completed successfully. If you get an access denied error, you more than likely have not run cmd.exe as an administrator.

Be sure to run cmd.exe as administrator.

Winter is here! Testing the picture gallery plugin.

We went down to the local commons today, to see if the lakes would be frozen. We got there in the early afternoon, and my car temperature was already reading -2 degrees Celsius! I managed to get some decent photos taken, and so did the girlfriend. Today was the first time I had to fully kit myself out in my winter attire. Once at the lake, we were able to walk across the entire expanse of frozen water, and spent a few minutes hitting ice blocks around with sticks on the ice.

Anyway, the main reason for this post was to test my new plugin for uploading mini picture galleries to blog posts. I got it from here.


Changing Password policies in Server 2008

I have been using Windows 2008 Server Standard as my operating system of choice at home for quite a few months now, and twice I have had to change my password due to the security policy in place by default. This setting forces you to change your password every 42 days. Anyway, up until now I had been too lazy to disable the policy. So for those of you who don’t know where to do this, here is how.

Go to Start – Run, and type in gpedit.msc

Click OK.

Expand the following branches by clicking the little arrow signs next to each one :

Computer Configuration – Windows Settings – Security Settings – Account Policies – and then finally,  Password Policy

Select Password policy, and on the right hand side list double click (or right click – properties) on “Maximum Password Age”

Change this setting to 0, which means passwords never expire, and then click OK.

Close the Group Policy editor, and from now on you won’t have that annoying mandatory password change every month or so.

password_policies2

Getting back into 3D modeling

Over the past few days I have felt the need to do something slightly more creative than gaming / watching tv / eating Christmas pudding / general lazing about on holiday. I haven’t really done any 3D modeling since 2005, apart from a few odds and ends here and there. This was done after some recapping and getting back up to speed with 3D Studio Max.

I used a couple of techniques learnt from doing some recap tutorials for the mountains and rocks. I made the texture on the rocks by overlaying a photo of some old mossy type plants over a photo of some sandy rock. Bump mapping was done using the same image in high contrast black & white. Anyway, here is the current render I have. I will upload one of the first renders later, and then perhaps see if I can improve on the current render whenever I get a spare moment.

Desert Temple

Xbox 360

The other day I decided it was time to get another Xbox 360. My original Core unit that I bought a couple of years ago was stolen in South Africa, and since then I have not been into console gaming. After playing Rock band, Geometry wars, and seeing the new Gears of War 2 previews, the temptation was too much, and we went out and got an Xbox 360 Premium, an extra wireless controller, play and charge kit, and a few games. I was pleasantly surprised to see an HDMI connector on the back of the console, and must say that 1080p, along with optical audio (using Logitech Z5500 speakers) equals an incredible gaming experience! All I need now is my own TV! (This one belongs to our housemate).

mediasetup1

So far we are playing :

PGR 4, Sonic, Ninja Gaiden 2, and a bunch of free demos from Xbox Live. Can’t wait to get hold of : Rockband / Rockband 2, GoW2, GTA IV, and Tomb Raider Underworld.

Here is my Gamertag for now. This should dynamically update as I get more gamerscore.