|
Home > Archive > IIS and SMTP > August 2004 > Switched DNS MX to new Server, Old Server still Gets Mail - What domain?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Switched DNS MX to new Server, Old Server still Gets Mail - What domain?
|
|
| Scott Townsend 2004-08-19, 5:57 pm |
| On 8/5/2004 I switched all of the MX Records for all of our domains to point
to our new SMTP Server.
I've seen the Size of the Log go from 2.5megs a day down to 64K a day. So I
know that I got most of them.
Though there are still about 70 connections a day on the server.
We have about 50 Domains that we service and I've done a Grep on the DNS
files to make sure I didn't miss an MX record and all looks good.
Is there a way to find out what domain the mail is going to?
Thanks,
Scott<-
| |
| Ken Schaefer 2004-08-20, 2:50 am |
| Um, what SMTP server are you using? IIS SMTP server creates log files where
you can see the RCPT <someone@somedomain.com> being logged.
Cheers
Ken
"Scott Townsend" <scott-i@.-N0-SPAMplease.enm.com> wrote in message
news:u3PJWkghEHA.3988@tk2msftngp13.phx.gbl...
> On 8/5/2004 I switched all of the MX Records for all of our domains to
> point
> to our new SMTP Server.
>
> I've seen the Size of the Log go from 2.5megs a day down to 64K a day. So
> I
> know that I got most of them.
>
> Though there are still about 70 connections a day on the server.
>
> We have about 50 Domains that we service and I've done a Grep on the DNS
> files to make sure I didn't miss an MX record and all looks good.
>
> Is there a way to find out what domain the mail is going to?
>
> Thanks,
> Scott<-
>
>
| |
| Scott Townsend 2004-08-22, 6:05 pm |
| I'm using IIS SMTP on Win2K Server.
My Log entries look like:
00:46:54 222.145.179.66 HELO - 250
00:46:55 222.145.179.66 MAIL - 250
00:46:59 222.145.179.66 RCPT - 550
00:47:02 222.145.179.66 QUIT - 240
01:14:53 213.39.165.217 HELO - 250
01:14:53 213.39.165.217 MAIL - 250
01:14:55 213.39.165.217 RCPT - 550
01:14:55 213.39.165.217 QUIT - 240
01:41:38 221.167.114.33 HELO - 250
01:41:38 221.167.114.33 MAIL - 250
01:41:40 221.167.114.33 RCPT - 550
01:41:40 221.167.114.33 QUIT - 240
What option do I need to turn on to see the actual RCPT?
Thanks,
Scott<-
"Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
news:%23PxO$XmhEHA.704@TK2MSFTNGP09.phx.gbl...
> Um, what SMTP server are you using? IIS SMTP server creates log files
where
> you can see the RCPT <someone@somedomain.com> being logged.
>
> Cheers
> Ken
>
> "Scott Townsend" <scott-i@.-N0-SPAMplease.enm.com> wrote in message
> news:u3PJWkghEHA.3988@tk2msftngp13.phx.gbl...
So[vbcol=seagreen]
>
>
| |
| Ken Schaefer 2004-08-22, 8:47 pm |
| Open IIS Manager, right-click on the SMTP virtual server -> properties. On
the general tab ensure that logging is enabled, and hit the button to
configure W3C Extended logging. On the Extended properties tab, check the
things you need.
Judging by the response codes: 550, it seems that people are attempting to
deliver stuff straight to your server, but your server is rejecting them.
This is typically spammers that try to deliver mail to your older servers
even if they are not listed in the DNS. It doesn't seem like you're getting
a lot of it (one message per hour) - I see the same thing on boxes that I
have that used to be listed as MX hosts.
Cheers
Ken
"Scott Townsend" <scott-i@.-N0-SPAMplease.enm.com> wrote in message
news:%23cvXQithEHA.3632@TK2MSFTNGP09.phx.gbl...
> I'm using IIS SMTP on Win2K Server.
>
> My Log entries look like:
> 00:46:54 222.145.179.66 HELO - 250
> 00:46:55 222.145.179.66 MAIL - 250
> 00:46:59 222.145.179.66 RCPT - 550
> 00:47:02 222.145.179.66 QUIT - 240
> 01:14:53 213.39.165.217 HELO - 250
> 01:14:53 213.39.165.217 MAIL - 250
> 01:14:55 213.39.165.217 RCPT - 550
> 01:14:55 213.39.165.217 QUIT - 240
> 01:41:38 221.167.114.33 HELO - 250
> 01:41:38 221.167.114.33 MAIL - 250
> 01:41:40 221.167.114.33 RCPT - 550
> 01:41:40 221.167.114.33 QUIT - 240
>
> What option do I need to turn on to see the actual RCPT?
>
> Thanks,
> Scott<-
> "Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
> news:%23PxO$XmhEHA.704@TK2MSFTNGP09.phx.gbl...
> where
> So
>
>
| |
|
| Keep in mind that both the MX record and the A record of any domain will
receive e-mail for said domain. This is due to broken SMTP servers that will
send e-mail to the A record without bothering to look up an MX record.
|
|
|
|
|