It looks like I am getting spoofed. Noone from my domain is sending these messages. Is there a way to stop this?
Posted on 2008-02-11
I am getting an error - Source: MSExchangeTransport, Category: SMTP Protocol, Event ID: 7004 and Enent ID: 7002 every few seconds. I don't think anyone in my organization is sending out emails to the recipients listed in the error description. Is my exchange server getting spoofed? Can I stop it? Should I be worried.
Here is an example of the error 7004:
This is an SMTP protocol error log for virtual server ID 1, connection #3309. The remote host "22.214.171.124", responded to the SMTP command "rcpt" with "553 This server does not accept mail for that address (#5.7.1) ". The full command sent was "RCPT TO:<LadonnapolytechnicBateman@medical-search.org> ". This will probably cause the connection to fail.
Here is an example of the warning 7002:
This is an SMTP protocol warning log for virtual server ID 1, connection #3310. The remote host "126.96.36.199", responded to the SMTP command "rcpt" with "450 4.1.1 <FranciscaskitHorner@lisp.org>: Recipient address rejected: User unknown in local recipient table ". The full command sent was "RCPT TO:<FranciscaskitHorner@lisp.org> ". This may cause the connection to fail.