Would anyone mind having a quick look at the header below to help me identify if our mail server is acting as a relay for spam (or something else)? It was received by an RBL a few days ago, and its got me worried that I've incorrectly set something up.
I'm running a Win2003 Server box with Exchange 2003 on top of it.
I have enabled "filter recipients who are not in the Directory", and setup relay restrictions to only allow our external sites to relay through the mail server.
I also have a watchguard device filtering all inbound mail as our spam solution. I am considering enabling outgoing spam filtering as well to see if that fixes the problem; but I wanted to pose the question here first before doing that.
(envelope-from <mrsjoybrown1414@yahoo.com>)
id 1QCusr-0004pB-Pw
for victim@smtp.example; Thu, 21 Apr 2011 10:29:30 -0400
Received: from <our.mail.server> ([our.mail.server.ip]:1972)
by obfuscated2 with esmtp (Exim 4.71)
(envelope-from <mrsjoybrown1414@yahoo.com>)
id 1QCusr-0004ow-Cn
for victim@smtp.example; Thu, 21 Apr 2011 10:29:29 -0400
Received: from User ([76.97.117.199]) by <our.mail.server> with Microsoft SMTPSVC (6.0.3790.4675);
Fri, 22 Apr 2011 00:08:29 +1000
Reply-To: <mrsjoybrown1515@gmail.com>
From: "MRS JOY BROWN"<mrsjoybrown1414@yahoo.com>
Subject: Greetings in the name of God
Date: Thu, 21 Apr 2011 15:07:19 +0100
MIME-Version: 1.0
charset="Windows-1251"
Bcc:
