We are running a Windows 2000 server, which is used for hosting a few websites and also contains our email server.
The email server is a relatively old software program, but works fine for our needs and at the moment we don't have the resources to get this upgraded.
Our only problem is that in the logs of the email server I can see that there are 3 IP addresses that are continually connecting to the server. These are unknown IP addresses to us and I'm not sure why they are connecting to our server. The email program allows me to block SMTP connections and this seems to work fine for other ranges of IP addresses that are sending us spam. But it does not block these connections, so they are obviously not SMTP connections.
Is there any way to determine what these connections are and blocking them? Unfortunately my knowledge on this subject is limited, so I may be missing something obvious.