In the Application Event Viewer on my Exchange 2003 Server, I'm seeing lot of entries like this:
The remote host "18.104.22.168", responded to the SMTP command "rcpt" with "550 No such address ". The full command sent was "RCPT TO:<+.firstname.lastname@example.org> ". This will probably cause the connection to fail.
Anti-virus and anti-spam controls are in place in my environment and I do not have an open relay.
Is there a way I can determine the source of these rogue outbound emails?
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!