|
Posted by aboni on June 14, 2006, 8:27 am
Please log in for more thread options Thanks for reply!
I will investigate more!
Thanks for help,
Andrew
> Maybe somebody does. Enable authentication and logging to collect more
> information about the suspicious activities - that may help you
> discovering a rogue client, or a network backdoor.
>
> --
> Svyatoslav Pidgorny, MS MVP - Security, MCSE
> -= F1 is the key =-
>
>
>> Hi!
>>
>> I have a SMTP service running in Windows Server 2003 R2 and in the events
>> log is so mutch SMTPSVC entries. I put a screen of my log in the link:
>> http://200.162.106.90/windowsevent.jpg.
>>
>> The messages are like below:
>>
>> [Example1]
>> Message delivery to the host '10.23.42.11' failed while delivering to the
>> remote domain '006.com' for the following reason: The remote server did
>> not respond to a connection attempt.
>>
>> [Example2]
>> Message delivery to the remote domain 'giut.com' failed for the following
>> reason: Unable to bind to the destination server in DNS.
>>
>> I have sure that this mail's aren't sent by my users. The entries occur
>> in the weekends also, when nobody is using this service.
>>
>> Thanks for any help,
>> Andrew
>>
>>
>
>
| 
XML Sitemap