I have a Windows 2000 SBS running Exchange 2000. It was an open relay, which I closed, however now it seems to be being used as a relay again. I have traced it to a user logging in using the login "WEB". No username (pre 2000 or otherwise) has this name, Guest is disabled, the IIS default accounts and Terminal Server Accounts are all disabled. How can I disable this account and prevent this from happening further?
Thanks in advance for your help!