I have an Exchange server on Server 2000 that is a victim of spoofing. An example of this is email@example.com is getting mail from firstname.lastname@example.org with junk in it for commercial products such as Cialis and porn. Now user knows user2 wouldn't send that, and I know user2 didn't. I know someone is just sending mail as through telnet but how do you stop a thing like that? I was looking through the Exchange System Manager and I found that the Default Virtual Smtp connector allows anonymous access, but if I remove that it won't allow inbound mail even if I am replying to an email that someone from @domain.com sent me. There is an outbound security checkbox for anonymous access, but I am afraid that will do something similar. Any ideas on how to stop this sort of thing?
Thanks in advance.