(subject of the thread was originally "Accepting mail to addresses with routing instructions, from unauthenticated sources, when SMTP is set to be authenticated" but that turned out not to be an issue, so I changed to a better description.)
Stefano wrote: > IMO there's nothing to be tracked/fixed. A mail to > recipientname%recipientdom...@[my.server's.ip.address] is like a mail to > recipientn...@[my.server's.ip.address]. If the mailbox exists it will be > delivered. If the mailbox does not exists it will bounce. > Sorry, I meant what do you think I should do next to try to track down the source of the spam I can see in the server logs? I realize that it's most likely my fault, that I misconfigured something or have otherwise caused the security breach myself, I'm just not quite sure where to go next; I've pored through the logs and I didn't see anything that indicated to me how the spam is getting through since I've got authentication configured. If authentication is configured, is it safe to assume that the spammer somehow has gotten a username and password? There are only a handful of accounts and through the telnet remote admin interface I don't see any that I did not create myself. Is there an authentication log or some way to turn something like that on? Or is there some combination of settings that I might have set which could cause there to be an exception to authentication being required? I can post my configuration xml if that's appropriate. Thanks for helping me and again I think that JAMES is a fabulous and well-engineered piece of software. Ken _________________________________________________________________ Stay in the loop and chat with friends, right from your inbox! http://go.microsoft.com/?linkid=9671354
