brandonrainbolt
asked on
Need help troubleshooting spam sent from my server
I've just noticed that over the last few days, my exchange server has recorded a bunch of NDR's in the event log. It looks like my server is being used to spam, and my IP is starting to show up on a few blacklists. I'm not sure what the source of the trouble is, and I could use some assistance in tracking this down.
I haven't seen any suspicious activity for about a day, and I've just now enabled message tracking on my server, so (as far as I know) I can't use the message tracking center for any of these messages.
I've run some web-based tests to confirm that I'm not an open relay.
Any suggestions for locating the source of this?
I haven't seen any suspicious activity for about a day, and I've just now enabled message tracking on my server, so (as far as I know) I can't use the message tracking center for any of these messages.
I've run some web-based tests to confirm that I'm not an open relay.
Any suggestions for locating the source of this?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
There is only two ways to track such emails -
1) Using Message Tracking logs
2) Using SMTP VS logs (NCSA).
Check for SMTP virtual Server setting - and see if there is any logging enabled on it.
You'll find this at Server -> protocol -> SMTP -> Default SMTP VS -> properties
Regards,
Exchange_Geek
1) Using Message Tracking logs
2) Using SMTP VS logs (NCSA).
Check for SMTP virtual Server setting - and see if there is any logging enabled on it.
You'll find this at Server -> protocol -> SMTP -> Default SMTP VS -> properties
Regards,
Exchange_Geek
ASKER
thanks
ASKER