Solved

Event log Analyzing

Posted on 2008-10-10
14
234 Views
Last Modified: 2011-10-19
Hi

i have attached one Event log. This Event Log at 5 am ( and no body tryed to send email to this address) still i am seeing this log in event  log
i already setup my server as http://support.microsoft.com/kb/843106 saing

my understanding is , 1) some one tryed to realy to sales@chshel.net by using  my server but my server  refusing to realy. hense i am seeting this event log

is that right ??

Or 2) some one tryed to realy by using  my server and myserver actually relyed to that domain  but it got refused from chsel.net server so i am seeing this log in my event log ??

Please let me know, i am really worring .






Compromised2.GIF
0
Comment
Question by:fosiul01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 6
14 Comments
 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685194
>some one tryed to realy to sales@chshel.net by using  my server but my server  refusing to realy.
That is correct.
0
 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685198
>some one tryed to realy to sales@chshel.net by using  my server but my server  refusing to realy.
That is correct.
0
 
LVL 29

Author Comment

by:fosiul01
ID: 22685220
hi thanks, is there any way to create event log as soon as Exchange server will realy any email ??( offcourse authenticate but unauthenticate aswell)

0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685233
you might want to check the diagnostic logging for the server in the ESM.
there are quite a lot of options that you can set there.
0
 
LVL 29

Author Comment

by:fosiul01
ID: 22685242
you meant , message tracking ??

but with message tracking everything comes up, incomming , outgoing ..

i just want to check outgoing messages
0
 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685255
no, i meant diagnostic logging from the exchange server properties in the Exchange system manager.
0
 
LVL 29

Author Comment

by:fosiul01
ID: 22685269
while i check diagnostic login please check the bellow

Please check the bellow picture, 5 minutes ago it came to my event log

does this mean Sameting is not it ?? some one is trying to realy mail via my server but my server is refusing to realy ??


compromised4.GIF
0
 
LVL 29

Author Comment

by:fosiul01
ID: 22685275
diagnostic logging from the exchange server properties in the Exchange system manager.  == is there any tutorial for that

i am not expert in exchange.
how will i do that ??
0
 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685282
correct.
0
 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685292
0
 
LVL 29

Author Comment

by:fosiul01
ID: 22685322
Hi thanks for that link

as you can see, i realy enable Msexchagne transport

but which service and categories do i have to select for viewing - all out going email eamil in event log ??
0
 
LVL 35

Expert Comment

by:rakeshmiglani
ID: 22685509
categorie can be SMTP Protocol
0
 
LVL 29

Author Comment

by:fosiul01
ID: 22685534
HI thanks again
SMTP protocol is set as medium

but i am not seeting any log when email is going out
0
 
LVL 35

Accepted Solution

by:
rakeshmiglani earned 500 total points
ID: 22685950
if you set that to maximum do you get any more details?
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SBS 2008 to Server 2012 6 40
SBS 2003 moving to Office 365 5 53
office 365 5 29
have server generate smtp request for testing 2 15
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question