troubleshooting Question

Will restricting email to Outlook Web Access reduce threat of compromised account

Avatar of tgreendyk
tgreendyk asked on
ExchangeWindows Server 2003
9 Comments2 Solutions502 ViewsLast Modified:
Hi all,

I have a situation where an internal Exchange 2003 server keeps getting compromised. I'm pretty sure that someone's account is getting compromised because I went through an excercise where I changed everyone's password and the issue disappeared for about 2 months.

It's now back, but the large quantities of spam that end up in the outbound queue only appear about once a week. If I remove them all, everything's fine for another week or so.

There are a number of remote non-employees who connect using VPN, some of them on an occasional basis. I suspect that one of them may have a virus that's captured their credentials and spits out the spam whenever they connect to the server.

If I restrict all outside users to Outlook Web Access only, will this in effect remove that threat possibility since there's no direct network connection?

Even better, if there's a better way to figure out the source of this stuff, I'd appreciate knowing that too. I remember one time turning on SMTP logging in some way that made it very clear who the culprit was, but I can't seem to figure that out again.

Any help would be appreciated.

Manager of IT

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 2 Answers and 9 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 9 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros