I am running an Exchange server 2010, and have a recent problem with SPAM showing up in the outbound queue. I can't seem to locate the source of the SPAM. They are stuck in my outbound queue (smarthost). I have added ACL's to the firewall to only allow IP addresses from my smarthost to connect to the mail server. I have disconnected everything on the network except the mail server, router, and cable modem. I still see mail pop-up in my queue. I created a transport rule to send me a copy of all messages that have a SPAM rating of -1 or higher, but the rule seems to have no affect, which makes me believe somehow mail is being injected directly into the queue. I have run scanners (multiple) on all connected devices, including the server. The only thing detected has been tracking cookies. I configured the send / receive connectors to only accept mail from, internal subnet range and smarthost IP's respectively, and still receive SPAM. All user passwords have been changed.
Verified Relay is off.... when telnetting into server get '421 4.3.2 Service not available'. Doubt it matters but I have a dyndns, with e-mail gateway from duocircle on alt port 2525.