Solved

Event log Analyzing

Posted on 2008-10-10
14
230 Views
Last Modified: 2011-10-19
Hi

i have attached one Event log. This Event Log at 5 am ( and no body tryed to send email to this address) still i am seeing this log in event  log
i already setup my server as http://support.microsoft.com/kb/843106 saing

my understanding is , 1) some one tryed to realy to sales@chshel.net by using  my server but my server  refusing to realy. hense i am seeting this event log

is that right ??

Or 2) some one tryed to realy by using  my server and myserver actually relyed to that domain  but it got refused from chsel.net server so i am seeing this log in my event log ??

Please let me know, i am really worring .






Compromised2.GIF
0
Comment
Question by:fosiul01
  • 8
  • 6
14 Comments
 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685194
>some one tryed to realy to sales@chshel.net by using  my server but my server  refusing to realy.
That is correct.
0
 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685198
>some one tryed to realy to sales@chshel.net by using  my server but my server  refusing to realy.
That is correct.
0
 
LVL 29

Author Comment

by:fosiul01
ID: 22685220
hi thanks, is there any way to create event log as soon as Exchange server will realy any email ??( offcourse authenticate but unauthenticate aswell)

0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685233
you might want to check the diagnostic logging for the server in the ESM.
there are quite a lot of options that you can set there.
0
 
LVL 29

Author Comment

by:fosiul01
ID: 22685242
you meant , message tracking ??

but with message tracking everything comes up, incomming , outgoing ..

i just want to check outgoing messages
0
 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685255
no, i meant diagnostic logging from the exchange server properties in the Exchange system manager.
0
 
LVL 29

Author Comment

by:fosiul01
ID: 22685269
while i check diagnostic login please check the bellow

Please check the bellow picture, 5 minutes ago it came to my event log

does this mean Sameting is not it ?? some one is trying to realy mail via my server but my server is refusing to realy ??


compromised4.GIF
0
 
LVL 29

Author Comment

by:fosiul01
ID: 22685275
diagnostic logging from the exchange server properties in the Exchange system manager.  == is there any tutorial for that

i am not expert in exchange.
how will i do that ??
0
 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685282
correct.
0
 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685292
0
 
LVL 29

Author Comment

by:fosiul01
ID: 22685322
Hi thanks for that link

as you can see, i realy enable Msexchagne transport

but which service and categories do i have to select for viewing - all out going email eamil in event log ??
0
 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685509
categorie can be SMTP Protocol
0
 
LVL 29

Author Comment

by:fosiul01
ID: 22685534
HI thanks again
SMTP protocol is set as medium

but i am not seeting any log when email is going out
0
 
LVL 35

Accepted Solution

by:
rakeshmiglani earned 500 total points
ID: 22685950
if you set that to maximum do you get any more details?
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
exchange 2007 5 36
DNS/WINS in a domain 10 37
EXCHANGE, OUTLOOK, CALENDAR 12 22
Modifying Powershell: Recipients returns System.Collections.ArrayList ? 4 26
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question