<div>
One thing to try. Go to Message Tracking Center. Run a query on an intended recipient (if you can tell from the Failure Notice) and see who the sender is. Or whatever information you have from the failure notice, see if you can query it in some fashion from the MTC to determine any origination information.
</div>


One thing to try. Go to Message Tracking Center. Run a query on an intended recipient (if you can tell from the Failure Notice) and see who the sender is. Or whatever information you have from the failure notice, see if you can query it in some fashion from the MTC to determine any origination information.

<div>
Thanks Simon--when i checked the MTC on the server and watched the queues for a while and saw nothing suspicious I figured that's what was going on. Better safe than sorry, though.<br />

</div>


Thanks Simon--when i checked the MTC on the server and watched the queues for a while and saw nothing suspicious I figured that's what was going on. Better safe than sorry, though.


<div>
<div class="content wysiwyg-content">
I set up some spam filtering software on an Exchange 2003 server and I have been monitoring the &quot;bad mail&quot; folder daily to make sure it doesn't block anything good. &nbsp;This morning I noticed litterally hundreds of &quot;Failure Notice&quot; emails from &quot;MAILER-DAEMON&quot; at many different domains. &nbsp;It appears all these messages say they originated from &nbsp;[random name]@[mydoamin].com. &nbsp;The server is not an open relay, and I am checking the queues for anything suspicious, but see nothing in the way of outgoing mail coming from my server.<br />
<br />
Is this a sign that someone on the domain is sending out spam? What's the best way to track it down if this is the case?
</div>
</div>


I set up some spam filtering software on an Exchange 2003 server and I have been monitoring the "bad mail" folder daily to make sure it doesn't block anything good.  This morning I noticed litterally hundreds of "Failure Notice" emails from "MAILER-DAEMON" at many different domains.  It appears all these messages say they originated from  [random name]@[mydoamin].com.  The server is not an open relay, and I am checking the queues for anything suspicious, but see nothing in the way of outgoing mail coming from my server.

Is this a sign that someone on the domain is sending out spam? What's the best way to track it down if this is the case?

Is someone on my domain sending out spam? Exchange Server is receiving a lot of failure notices

Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.

Exchange

Small Business Server (SBS) is a line of server operating systems targeted at small businesses by bundling the operating system with a number of other Microsoft products that would normally need to be purchased or licensed separately. The most notable inclusions are Exchange, SQL Server, SharePoint and ISA/TMG (Microsoft's firewall and proxy server).