• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 302
  • Last Modified:

Exchange 2003 sending bogus emails

What is the best way to troubleshoot my Exchange 2003 server that is sending out a TON of bogus emails?  I have enabled message tracking and it looks like something is having a great time. :(  Any help to troubleshoot and narrow this down would be great.  I have run an AV scan on the server and came back clean.
0
JJMarquart
Asked:
JJMarquart
  • 2
1 Solution
 
JJMarquartAuthor Commented:
Awesome!  I think I am on the right track.  I have added the sender and recipient filtering and enabled the filter on the virtual SMTP server.  My event log is still recording alot of stuff outlined below.  I disabled the account I found in event viewer that was authenticating and sending email.  Any other tips on the info below would be awesome!

taurshen@ms16.hinet.net      1030      a7d7b9ab5b004890b42a175c4bbe96a5@cb9c60fb073e420f9d6b9ffe40886c30      3      0      2774      11      2011-9-14 12:31:22 GMT      0      Version: 6.0.3790.4675      -       =?BIG5?B?WWFob28hqV+8r6nnveYgsN3DRKFHam5lZGliLHByanl6bg==?=      ofkef@pfld.com      -
2011-9-21      2:1:27 GMT      99.159.239.145      vibwzh.com      -      SERVER      192.168.2.10      ping6677g@yahoo.com.tw      1030      a7d7b9ab5b004890b42a175c4bbe96a5@cb9c60fb073e420f9d6b9ffe40886c30      3      0      2774      11      2011-9-14 12:31:22 GMT      0      Version: 6.0.3790.4675      -       =?BIG5?B?WWFob28hqV+8r6nnveYgsN3DRKFHam5lZGliLHByanl6bg==?=      ofkef@pfld.com      -
2011-9-21      2:1:27 GMT      99.159.239.145      vibwzh.com      -      SERVER      192.168.2.10      intermet.tw@yahoo.com.tw      1030      a7d7b9ab5b004890b42a175c4bbe96a5@cb9c60fb073e420f9d6b9ffe40886c30      3      0      2774      11      2011-9-14 12:31:22 GMT      0      Version: 6.0.3790.4675      -       =?BIG5?B?WWFob28hqV+8r6nnveYgsN3DRKFHam5lZGliLHByanl6bg==?=      ofkef@pfld.com      -
2011-9-21      2:1:27 GMT      99.159.239.145      vibwzh.com      -      SERVER      192.168.2.10      sugar_honey0913@yahoo.com.tw      1030      a7d7b9ab5b004890b42a175c4bbe96a5@cb9c60fb073e420f9d6b9ffe40886c30      3      0      2774      11      2011-9-14 12:31:22 GMT      0      Version: 6.0.3790.4675      -       =?BIG5?B?WWFob28hqV+8r6nnveYgsN3DRKFHam5lZGliLHByanl6bg==?=      ofkef@pfld.com      -
2011-9-21      2:1:27 GMT      99.159.239.145      vibwzh.com      -      SERVER      192.168.2.10      ginny19900505@yahoo.com.tw      1030      a7d7b9ab5b004890b42a175c4bbe96a5@cb9c60fb073e420f9d6b9ffe40886c30      3      0      2774      11      2011-9-14 12:31:22 GMT      0      Version: 6.0.3790.4675      -       =?BIG5?B?WWFob28hqV+8r6nnveYgsN3DRKFHam5lZGliLHByanl6bg==?=      ofkef@pfld.com      -
2011-9-21      2:1:27 GMT      99.159.239.145      vibwzh.com      -      SERVER      192.168.2.10      uendy29@yahoo.com.tw      1030      a7d7b9ab5b004890b42a175c4bbe96a5@cb9c60fb073e420f9d6b9ffe40886c30      3      0      2774      11      2011-9-14 12:31:22 GMT      0      Version: 6.0.3790.4675      -       =?BIG5?B?WWFob28hqV+8r6nnveYgsN3DRKFHam5lZGliLHByanl6bg==?=      ofkef@pfld.com      -
2011-9-21      2:1:27 GMT      99.159.239.145      vibwzh.com      -      SERVER      192.168.2.10      yiling2247@yahoo.com.tw      1030      a7d7b9ab5b004890b42a175c4bbe96a5@cb9c60fb073e420f9d6b9ffe40886c30      3      0      2774      11      2011-9-14 12:31:22 GMT      0      Version: 6.0.3790.4675      -       =?BIG5?B?WWFob28hqV+8r6nnveYgsN3DRKFHam5lZGliLHByanl6bg==?=      ofkef@pfld.com      -
2011-9-21      2:1:27 GMT      99.159.239.145      vibwzh.com      -      SERVER      192.168.2.10      e8229540@yahoo.com.tw      1030      a7d7b9ab5b004890b42a175c4bbe96a5@cb9c60fb073e420f9d6b9ffe40886c30      3      0      2774      11      2011-9-14 12:31:22 GMT      0      Version: 6.0.3790.4675      -       =?BIG5?B?WWFob28hqV+8r6nnveYgsN3DRKFHam5lZGliLHByanl6bg==?=      ofkef@pfld.com      -
2011-9-21      2:1:27 GMT      99.159.239.145      vibwzh.com      -      SERVER      192.168.2.10      joanna910818@yahoo.com.tw      1030      a7d7b9ab5b004890b42a175c4bbe96a5@cb9c60fb073e420f9d6b9ffe40886c30      3      0      2774      11      2011-9-14 12:31:22 GMT      0      Version: 6.0.3790.4675      -       =?BIG5?B?WWFob28hqV+8r6nnveYgsN3DRKFHam5lZGliLHByanl6bg==?=      ofkef@pfld.com      -
2011-9-21      2:1:27 GMT      99.159.239.145      vibwzh.com      -      SERVER      192.168.2.10      xyzmocha@yahoo.com.tw      1030      a7d7b9ab5b004890b42a175c4bbe96a5@cb9c60fb073e420f9d6b9ffe40886c30      3      0      2774      11      2011-9-14 12:31:22 GMT      0      Version: 6.0.3790.4675      -       =?BIG5?B?WWFob28hqV+8r6nnveYgsN3DRKFHam5lZGliLHByanl6bg==?=      ofkef@pfld.com      -
2011-9-21      2:1:27 GMT      99.159.239.145      vibwzh.com      -      SERVER      192.168.2.10      qkmjy1oqwde3kx@ms10.hinet.net      1030      a7d7b9ab5b004890b42a175c4bbe96a5@cb9c60fb073e420f9d6b9ffe40886c30      3      0      2774      11      2011-9-14 12:31:22 GMT      0      Version: 6.0.3790.4675      -       =?BIG5?B?WWFob28hqV+8r6nnveYgsN3DRKFHam5lZGliLHByanl6bg==?=      ofkef@pfld.com      -

2011-9-21      2:1:27 GMT      -      -      -      SERVER      -      ugeqz@yahoo.com.tw      1025      I9IJsaJbq00009145@ourdomain.com      0      0      4876      1      -      0      Version: 6.0.3790.4675      -      Delivery Status Notification (Failure)      postmaster@ourdomain.com      -

2011-9-21      2:1:27 GMT      -      -      -      SERVER      -      ugeqz@yahoo.com.tw      1025      9RQAOCop300007e42@ourdomain.com      0      0      5480      1      -      0      Version: 6.0.3790.4675      -      Delivery Status Notification (Failure)      postmaster@ourdomain.com      -

2011-9-21      2:1:27 GMT      -      -      -      SERVER      -      ugeqz@yahoo.com.tw      1024
0
 
JJMarquartAuthor Commented:
NM got it.  Just had to clear out the que.  Thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now