Exchange SMTP Connector
Posted on 2007-08-03
I recently had an exchange server setup with an SMTP connector. The SMTP connector relayed all mail to my main server and then my main server sent the mail out. The problem I ran into was that somehow a spammer was able to use the connector and send mail from the secondary server to the main server. The queue was getting flooded. I had 15,000+ messages sent before I realized it was going on. I first thought the spammer gained access to a user account and was using it to send out the mail. I changed all passwords, disabled accounts and still received the mail. I then created a new SMTP VS. It stopped for an hour or so, then it was getting hit again. I changed the firewall settings to block all port 25 traffic to ensure it was coming from outside my network. It was. I finally deleted the connector to my main server and the server now uses DNS to route the messages. My question is what happened?? Why did this happen? How can I enable my connector to the main server without fear of being flooded again?