Hi all,
I have an Exchange 2013 which looks to be used to send spam; I can see the queue growing with emails from other domains. Here is my setup for content filtering:
Name : ContentFilterConfig
RejectionResponse : Message rejected as spam by Content Filtering.
OutlookEmailPostmarkValidationEnabled : True
BypassedRecipients : {}
QuarantineMailbox :
SCLRejectThreshold : 7
SCLRejectEnabled : True
SCLDeleteThreshold : 9
SCLDeleteEnabled : False
SCLQuarantineThreshold : 9
SCLQuarantineEnabled : False
BypassedSenders : {}
BypassedSenderDomains : {}
Enabled : False
ExternalMailEnabled : True
InternalMailEnabled : False
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
DistinguishedName : CN=ContentFilterConfig,CN=Message Hygiene,CN=Transport Settings,CN=AX-Properties 01,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=**,DC=local
Identity : ContentFilterConfig
ObjectCategory : **/Configuration/Schema/ms-Exch-Message-Hygiene-Content-Filter-Config
ObjectClass : {top, msExchAgent, msExchMessageHygieneContentFilterConfig}
WhenChanged : 25.05.2016 09:54:48
WhenCreated : 06.01.2015 14:43:56
WhenChangedUTC : 25.05.2016 07:54:48
WhenCreatedUTC : 06.01.2015 13:43:56
OrganizationId :
OriginatingServer : **myserver**
IsValid : True
ObjectState : Unchanged
How can I tell my Exchange to only send emails from my domain? Or is there maybe a way to know if someone stole some credentials? I mean a way to see which user/credentials are used to send this spam.
With Wireshark I can see packets with RCPT to: xxx@xxx.com, but my Exchange is not an open relay.
Thanks.
J.