If anyone knows a way for me to log what user account on my active directory in windows 2000 w/exchange 5.5 is being used for the spam relay id be MOST appricative =)
Heres the full scoop if your interested, thanks for reading:
Greetings, It seems sense a few days ago someone or some bot is attempting to relay 80,000 messages a day through our Exchange 5.5 SP4 server. Unfortunatly we do not have any kind of internal filter server to relay mail interally and filter the crap, we just have one exchange server so this is kind of an annoying problem to say the least. The routing restrictions on IMC are "by the book" settings for a single exchange server to prevent an outside user from relaying to another outside user:
- Accepting incoming SMTP and rerouting as inbound to my domain
- Users/hosts must be authenticated [checked]
- Only reroute to this ip/network [checked]
The table of addresses allowed to reroute to is empty
Mail is STILL being routed through our system like crazy so we are just destorying it all at the firewall atm.
any ideas? thanks alot
Heres the full scoop if your interested, thanks for reading:
Greetings, It seems sense a few days ago someone or some bot is attempting to relay 80,000 messages a day through our Exchange 5.5 SP4 server. Unfortunatly we do not have any kind of internal filter server to relay mail interally and filter the crap, we just have one exchange server so this is kind of an annoying problem to say the least. The routing restrictions on IMC are "by the book" settings for a single exchange server to prevent an outside user from relaying to another outside user:
- Accepting incoming SMTP and rerouting as inbound to my domain
- Users/hosts must be authenticated [checked]
- Only reroute to this ip/network [checked]
The table of addresses allowed to reroute to is empty
Mail is STILL being routed through our system like crazy so we are just destorying it all at the firewall atm.
any ideas? thanks alot
