Need help troubleshooting spam sent from my server

Posted on 2012-08-19
Last Modified: 2012-08-20
I've just noticed that over the last few days, my exchange server has recorded a bunch of NDR's in the event log. It looks like my server is being used to spam, and my IP is starting to show up on a few blacklists. I'm not sure what the source of the trouble is, and I could use some assistance in tracking this down.

I haven't seen any suspicious activity for about a day, and I've just now enabled message tracking on my server, so (as far as I know) I can't use the message tracking center for any of these messages.

I've run some web-based tests to confirm that I'm not an open relay.

Any suggestions for locating the source of this?
Question by:brandonrainbolt
    LVL 33

    Accepted Solution

    Read the following article to confirm your box isn't open for relay

    AND the following article by a fellow EE Alan for fighting Spam on your server.

    If you have any questions, feel free to ask.


    Author Comment

    Thanks for the reply. Any suggestions for getting information on the messages that were sent? I'd really like to know if they originated from a particular user or ip address. Anything along those line that I might use to track down the source of the issue.
    LVL 33

    Expert Comment

    There is only two ways to track such emails -

    1) Using Message Tracking logs
    2) Using SMTP VS logs (NCSA).

    Check for SMTP virtual Server setting - and see if there is any logging enabled on it.

    You'll find this at Server -> protocol -> SMTP -> Default SMTP VS -> properties


    Author Closing Comment


    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    Use these top 10 tips to master the art of email signature design. Create an email signature design that will easily wow recipients, promote your brand and highlight your professionalism.
    Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
    In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
    The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now