Hi,
I am experiencing an issue of one overseas IP connecting to my exchange servers and sending huge number of spams with blank sender id..
1) how do an exchange client connect to my servers without user ID authentication (or do spammers have mechanism to do so?)
2)where/which log I should check to know which user ID authentication spammer is using ?
3) still spammers are sending the spam emails (include the money transfer and adulatory spams..)
4) NOTE: since 'out of Office auto reply' is mandatory business requirement, I am unable to disable blank sender emails.
Please suggest how to prevent these type of spams?
example of message tracking log follows:
RunspaceId : 1858bdeb-c7ad-4c8f-826d-b8e010771637
Timestamp : 7/31/2016 5:10:05 AM
ClientIp : 24.128.188.200
ClientHostname : [192.168.0.106]
ServerIp : My Exchange server HUB IP
ServerHostname : My Exchange Hub server
SourceContext : 08D38E3DF9AEB7F3;2016-07-31T01:04:31.917Z;0
ConnectorId : MyHUbServer\authenthicated internet
Source : SMTP
EventId : RECEIVE
InternalMessageId : 34758820
MessageId : <79defd66-cf6d-4ba9-be97-7795d23c08bc@TEB-HD-HUB-03.hosting.local>
Recipients : {paul.kuah@gmail.com, vadim@manager-erp.com, vani6a@abv.bg, martinrojas@wp.pl, puttersonly@mt
s.net, petervillarreal@hotmail.com, opaluch1@wp.pl, adzame@gmail.com, moulins7@postmail.ch, e
dytaose@wp.pl, afulei@freemail.hu, teju@live.fr, msjc901@yahoo.com, carlosqmesa@gmail.com, ke
vinfonseca70@yahoo.com, d_stanisic@hotmail.com...}
RecipientStatus : {}
TotalBytes : 2399
RecipientCount : 20
RelatedRecipientAddress :
Reference :
MessageSubject : RE:Can I Trust You Please?
Sender :
ReturnPath : <>
MessageInfo : 07I: NTS:
MessageLatency :
MessageLatencyType : None
EventData : {[FirstForestHop, MyHubServer.hosting.local]}
thanks and regards,