Block chinese characters??? RSS Back to forum
@mark rosenbaum: According to the log message, this is an outgoing email relayed thru your server, which ORF will not filter (it is designed to filter incoming emails only). Most likely, a spammer has the username/password combination of this user and using this account to relay spam out using your server. I strongly suggest changing the password of this account immediately and make sure you allow only authenticated users to relay.
Disabled account in active directories and the messages are still coming through???
@mark rosenbaum:
If disabling the account won't stop it, that could mean the spammer is able to relay without authentication. Are you sure relaying restricted to authenticated users only?
See these articles:
http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm
http://support.microsoft.com/?id=324285
One user on our domain is receiving hundreds of spam emails. I have added his email to the senders blacklist but they are still coming through??
Version: 4.4 REGISTERED
Log Mode: Verbose
Server:
Source: SMTPSVC-1
Time: 5/23/2011 1:17:33 PM
Class: System Message
Severity: Information
Actions: (not available)
Filtering Point: Non-filtering
HELO/EHLO Domain: (not available)
Related IP Address: 65.54.188.72
Message ID: (not available)
Email Subject: mgo1--高 级 秘 书、助 理 和 行 政 人 员 技 能 提 高 训 练 营Ё
Sender:
Recipient(s):
*
*
*
*
*
*
*
*
*
Message:
Added "" to the Auto Sender Whitelist.