Exchange Incoming Mail Logs, how to get ISP and IP information
Email Server, Exchange 2003 SP2, Internet service providers, SMTP, Windows 2003 Small Business Server
I'm new to administrating Exchange. I took over from another guy and recently discovered that the Exchange server had a fully open relay. Unfortunately, I discovered it when spam started getting sent through the mail server. I closed the relay, but we now have reason to believe that the old IT guy was the source of the spam.
I'm trying to find a way to get a list of all incoming relay (SMTP) request that have come into the mail server in the past 3-4 weeks and the IP that they originated from. I'm meeting with the DA tomorrow about pressing charges against this guy (for this and many other issues) and they want to supena (sp?) his ISP to try and confirm that they came from his IP address.
Is there any way I can get this info?
Thanks.
Software/Hardware used:
Microsoft Exchange 2003 SP2, running on Windows 2003 Small Business Server
I'm trying to find a way to get a list of all incoming relay (SMTP) request that have come into the mail server in the past 3-4 weeks and the IP that they originated from. I'm meeting with the DA tomorrow about pressing charges against this guy (for this and many other issues) and they want to supena (sp?) his ISP to try and confirm that they came from his IP address.
Is there any way I can get this info?
Thanks.
Software/Hardware used:
Microsoft Exchange 2003 SP2, running on Windows 2003 Small Business Server
ASKED:
June 23, 2010 7:09 PM
UPDATED:
June 26, 2010 12:58 PM
Answer Wiki:
You can find the information in the SMTP logs on the mail server it was relaying through.
To see all answers submitted to the Answer Wiki: View Answer History.
RSS - Discussions Help
Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
