Team, I am trying to find out how someone managed to use my Exchange server as a relay for sending spam. I am running Exchange 5.5 with service pack 4.0 . The only thing this Exchange server does is act as a relay point for an application. This server sits behind a firewall. I looked at the firewall ACL and found that the external IP address had SMTP traffic open to the world. That answers the questions as to how they managed to get SMTP access to the server. I have since blocked this ACL.
What I don't understand is how MS Exchange Server 5.5 allowed the traffic to pass through? I specified by host IP in Exchange what servers where allowed to relay mail. How did someone manage to use my Exchange server to spam without being on the list of allowed servers? I noticed that 10,000 e-mails were stuck in the que and I could not delete them. I uninstalled the "Internet Mail" connector and re-installed, but the backed up messages were still there? What directory are these messages stored so I can delete them from Windows Explorer? Any information provided is greatly appreciated. Thanks...JS __________________________________________________ Do You Yahoo!? Check out Yahoo! Shopping and Yahoo! Auctions for all of your unique holiday gifts! Buy at http://shopping.yahoo.com or bid at http://auctions.yahoo.com List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
