Need help tracking local sender IPs on Exchange 2010
We have upwards of 500+ NDR notices, daily, coming back to our Exchange 2010, destined for a single email address. This occurs even if the users PC is wiped and not in use. We are trying to find a way, within Exchange that we can identify the private IP of the possible compromised culprit.
Email ServersExchangeWindows Server 2008Active Directory