Printable View
I am using a Small Business Customer with a spam issue. His ISP is complaning that his network is sending out spam. I have configured the firewall so that only the SBS server can send SMTP traffic and all other IP addresses are blocked. Hence I want to check which machine is sending the spam. Can anyone tell me how do check this on the SBS server? Thanks.
You can try to ask the ISP for some proof that the spam is actually coming from your network and then proceed to troubleshoot the problems.
You should also see to it that the spam might not be coming from different machine on the network. You can be the victim of an NDR attack. So, in the exchange manager, look at the outbound queue for lots of messages being sent out from administrator@ your domain. It could be most likely NDRs. Incase you find those, then you can take care of the problem by turning on recipient filtering and connection trapitting. Just check for this terms by searching it on the net and you will find some articles on this issue.
You can also try to block open SMTP relaying and clean up Exchange Server SMTP queues in Windows Small Business Server, by following the method given on this website - http://support.microsoft.com/kb/324958