Hey Guys
I've enabled outbound spam filtering on my XG 115W firewall as I was ending up on email blacklists. I've also got an Exchange 2010 server running behind the firewall.
I'm getting some weird outgoing email traffic in my XG firewall. In the email logs, I'm seeing "Mail detected as OUTBOUND SPAM" and being rejected. But the IP is external to the network.
I'm trying to figure if a computer on the network is compromised or something else is happening, but I can't tell from the log viewer if the outgoing email is linked to any internal computers or something else.
I've also run multiple 2nd opinion virus scans on all systems, they've come up clean. I've also changed everyone's user passwords.
What's the best way to figure out what's happening and which machine it might be linked to?
Kind regards
Aaron
This thread was automatically locked due to age.