bezell2
asked on
Where is this spam coming from - SBS 2003?
I was told by my SMTP relay provider that my SBS 2003 server was relaying large amounts of spam messages. I checked and I am not an open relay. I could find the messages in my Message Tracker and in the Exchange logs. Attached is a spreadsheet with some of the spam messages. The "client-ip" is not mine. How do I find out where this is coming from and how do I block it?
spamlog.xls
spamlog.xls
Go to the properties of the SMTP Virtual Server. Go to the "Access" tab and then to "Connection Control". The box "All except the list below" should already be checked. Add the IP address 89.121.208.162 there.
ASKER
This has happened multiple times from multiple IP addresses. Is there a way to only let internal authenticated users relay mail through my server?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I made the changes to the SMTP virtual server. Haven't seen anything come through, but it seems to come in spurts. Is there any way to track what machine or user the spam was coming from?
I dont remember where, but look for a option in exchange which says only accept mails targeted for authenticate users of active directory or something similar.
What is happening is, someone sends spam to your server, and then if the email id does not exist in your network, then exchange tries to reply back with a message. Not sure, but i guess this is what is happening if your email server is not an open relay.
Do you have mail security solution installed on your server? It is a must to have, you simply cant live without it.