Trace source of spam on LAN
I am using a Small Business Customer with a spam issue. His ISP is complaning that his network is sending out spam. I have configured the firewall so that only the SBS server can send SMTP traffic and all other IP addresses are blocked. Hence I want to check which machine is sending the spam. Can anyone tell me how do check this on the SBS server? Thanks.
Re: Trace source of spam on LAN
You can try to ask the ISP for some proof that the spam is actually coming from your network and then proceed to troubleshoot the problems.
Re: Trace source of spam on LAN
You should also see to it that the spam might not be coming from different machine on the network. You can be the victim of an NDR attack. So, in the exchange manager, look at the outbound queue for lots of messages being sent out from administrator@ your domain. It could be most likely NDRs. Incase you find those, then you can take care of the problem by turning on recipient filtering and connection trapitting. Just check for this terms by searching it on the net and you will find some articles on this issue.