Running Exchange 2010 SP1 RU6. Received complaints from my users unable to send mail to their hotmail account. Verified that we were not listed in any RBLs. Filled out the form on microsoft's website and they indicated that there was abusive/suspicious behavior coming from my mail relay, that we were namespace mining. They gave the example of:
Time of abuse: 2014-04-24 09:16:00 and 2014-04-25 09:18:00
Total RCPT To commands sent: 6579
Total email Sent: 214
I used Get-Messagetrackinglog to find all mail sent to @hotmail accounts during this period, but it does not tell me the RCPT To attempts.
Is there any way to search the tracking logs for RCPT To commands? I'm trying to track down what could be causing this.