Exchange server being used to send spam! HELP!
- Thread starter n3x
- Start date
Go into exchange system manager and then go into the following:
Administrative Groups/First Administrative Groups/Servers/<Server name>/Protocols/SMTP/Default SMTP Virtual Server
Go into the properties of the SMTP server and go to the access tab. Click on the relay button and make sure that its check to say 'Only the list below'.
That should stop anyone from being able to use the server as an open relay. They will just need to add a list of servers that need to be able to send emails through this one (don't need to add outlook clients IP's)
EDIT: Also might want to have a look through the following articles about hardening your exchange server.
Exchange 2003
Administrative Groups/First Administrative Groups/Servers/<Server name>/Protocols/SMTP/Default SMTP Virtual Server
Go into the properties of the SMTP server and go to the access tab. Click on the relay button and make sure that its check to say 'Only the list below'.
That should stop anyone from being able to use the server as an open relay. They will just need to add a list of servers that need to be able to send emails through this one (don't need to add outlook clients IP's)
EDIT: Also might want to have a look through the following articles about hardening your exchange server.
Exchange 2003
Last edited:
You may always want to check the the server has not been added to a blacklists!
http://www.emailtools.co.uk/tools/blacklistcheck.htm
http://www.emailtools.co.uk/tools/blacklistcheck.htm
n3x said:Cheers guys, it looks like there is some kinda mass mailer virus on the network somewhere... but where, that is the question. its a big network
Check the logs on your exchange server. It should tell you what IP the session is being established from.