Hi everyone,
I have set up a new Exchange 2000 server, following all the recommended practices for shutting down open mail relay. I have tested the server from the abuse.net site, and it blocks anonymous connections except for the last attempt.
Based on this, and our security event logs, I have reason to believe that the server is still allowing open relay in some cases. We log all logins to our domain, and I am seeing quite a few logins to the Exchange server at very odd times of the day from the system account (SERVERNAME$).
Does anyone have any recommendations for stopping spammers from using the system account to log in (if indeed that's what's happening)?
Thanks,
Greg
Gregory A. Lusk, P.E., CCNA
I have set up a new Exchange 2000 server, following all the recommended practices for shutting down open mail relay. I have tested the server from the abuse.net site, and it blocks anonymous connections except for the last attempt.
Based on this, and our security event logs, I have reason to believe that the server is still allowing open relay in some cases. We log all logins to our domain, and I am seeing quite a few logins to the Exchange server at very odd times of the day from the system account (SERVERNAME$).
Does anyone have any recommendations for stopping spammers from using the system account to log in (if indeed that's what's happening)?
Thanks,
Greg
Gregory A. Lusk, P.E., CCNA
