I have an Exchange 2003 SP2 server that was recently hijacked by someone who gained access using the username and password of one of our employees. I believe I have this situation under control.
However, I am looking for some step-by-step directions on how to really lock down our server. I am familiar with navigating ESM but I am unsure of what authentication options should be enabled, and pretty much every other setting in there. Could someone help me set the security on this server so only users of our domain can send mail?
Also, is there a way to flag the admin if one user is sending X number of emails out?