We are getting an increase of spam and an increase of messages that have been sent from specific user accounts without the owner knowing. It seems as though we have relaying enabled and that our e-mail server is allowing messages to be sent without the owners permission.
We are running Exchange Server 5.5 (SP4) with many of the latest exchange patches on a Windows 2000 Server (fully patched). The environment is primarily Windows 2000 servers with a linux box acting as a Gateway/Firewall. Our Exchange server is running Antigen 7.5 in order to filter virus's and content AND all client machines and the server have a local anti-virus program installed and updated for protection.
I have made the necessary changes in the IMS (e.g. Checkmark in the "Hosts and Clients with these IP addresses", while not listing an IP address) as suggested here: http://www.winnetmag.com/MicrosoftExchangeOutlook/Article/ArticleID/7696/MicrosoftExchangeOutlook_7696.html
but we still seem to be relaying.
I would like to answer the following questions.
1. How can we tell if our server has relaying turned on?
I was unable to telnet into our Windows 2000 server in order to try the suggestions in the article above (e.g. telnet servername 25). The telnet window hangs. If someone can troubleshoot telnetting in I would appreciate that. I have turned the telnet service on on the server AND even tried enabling the telnet port on our firewall but still no luck. What else do I have to configure to make telnet work?
2. Are there any other ways to disable relaying other than the common solution discussed in the article above. We have already applied this solution and seem to be getting a lot of spam.
Anyone who can point me in the right direction would be much appreciated.