Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 254
  • Last Modified:

Event log Analyzing

Hi

i have attached one Event log. This Event Log at 5 am ( and no body tryed to send email to this address) still i am seeing this log in event  log
i already setup my server as http://support.microsoft.com/kb/843106 saing

my understanding is , 1) some one tryed to realy to sales@chshel.net by using  my server but my server  refusing to realy. hense i am seeting this event log

is that right ??

Or 2) some one tryed to realy by using  my server and myserver actually relyed to that domain  but it got refused from chsel.net server so i am seeing this log in my event log ??

Please let me know, i am really worring .






Compromised2.GIF
0
fosiul01
Asked:
fosiul01
  • 8
  • 6
1 Solution
 
rakeshmiglaniCommented:
>some one tryed to realy to sales@chshel.net by using  my server but my server  refusing to realy.
That is correct.
0
 
rakeshmiglaniCommented:
>some one tryed to realy to sales@chshel.net by using  my server but my server  refusing to realy.
That is correct.
0
 
fosiul01Author Commented:
hi thanks, is there any way to create event log as soon as Exchange server will realy any email ??( offcourse authenticate but unauthenticate aswell)

0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
rakeshmiglaniCommented:
you might want to check the diagnostic logging for the server in the ESM.
there are quite a lot of options that you can set there.
0
 
fosiul01Author Commented:
you meant , message tracking ??

but with message tracking everything comes up, incomming , outgoing ..

i just want to check outgoing messages
0
 
rakeshmiglaniCommented:
no, i meant diagnostic logging from the exchange server properties in the Exchange system manager.
0
 
fosiul01Author Commented:
while i check diagnostic login please check the bellow

Please check the bellow picture, 5 minutes ago it came to my event log

does this mean Sameting is not it ?? some one is trying to realy mail via my server but my server is refusing to realy ??


compromised4.GIF
0
 
fosiul01Author Commented:
diagnostic logging from the exchange server properties in the Exchange system manager.  == is there any tutorial for that

i am not expert in exchange.
how will i do that ??
0
 
rakeshmiglaniCommented:
correct.
0
 
fosiul01Author Commented:
Hi thanks for that link

as you can see, i realy enable Msexchagne transport

but which service and categories do i have to select for viewing - all out going email eamil in event log ??
0
 
rakeshmiglaniCommented:
categorie can be SMTP Protocol
0
 
fosiul01Author Commented:
HI thanks again
SMTP protocol is set as medium

but i am not seeting any log when email is going out
0
 
rakeshmiglaniCommented:
if you set that to maximum do you get any more details?
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 8
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now