Hi:
If a machine gets infected and sends email as an authenticated exchange user,
is there an easy way to identify where the offending machine is? Back in
Exchange 2003 you could identify the Exchange version, client IP, etc. of
connections but I've never found a way to do this with message
IIS logs can help
-Original Message-
From: Sharp, Kevin [mailto:kevin.sh...@usask.ca]
Sent: Wednesday, June 15, 2011 9:10 PM
To: MS-Exchange Admin Issues
Subject: tracking offending spam machines
Hi:
If a machine gets infected and sends email as an authenticated exchange user