Hello All.
I've searched the web and read loads of posts but many are contradicting or for ancient versions of Exchange.
I'm sitting with an Exchange 2013 server that is receiving, and relaying mail, from the internet. In most cases the bogus mails uses the addresses of three legitimate users, or a non existing variation of their e-mail addresses.
Eg. Legit: frank@contoso.com - Bogus: frankb@contoso.com / contosofranke@contoso.com or 001b01d1cf64$011c9fd6$86ea9287$frank@contoso.com etc etc etc.
According to the transport logs, these mail originate outside the network and authenticate "anonymously".
(Note: I replaced the domain name with "domain")
2016-06-26T01:35:38.998Z,Inbound Proxy Internal Send Connector,08D39AD0AEB58E47,113,192.168.0.10:9692,192.168.0.10:2525,*,,sending message with RecordId 0 and InternetMessageId <001b01d1cf64$011c9fd6$86ea9287$@*domain*.com>
2016-06-26T01:35:38.998Z,Inbound Proxy Internal Send Connector,08D39AD0AEB58E47,114,192.168.0.10:9692,192.168.0.10:2525,>,MAIL FROM:<pop.iway.nafrankfrank@*domain*.com> SIZE=0 AUTH=<>,
What is the quickest and easiest way to stop the relay of internet messages through the server?
Thank you in advance.
Hentie