Linking spam sent through shared IIS SMTP server to a user

Posted by on January 8, 2013 Leave a comment (1) Go to comments

Microsoft’s IIS SMTP service won’t log usernames even when SMTP-AUTH is enabled and clients are all authenticating. So, what happens if someone starts abusing the SMTP service (or you perhaps have a runaway process performing the abuse)?

Well, it takes a little effort but it is possible to track down the username being used to authenticate to the service. Here’s a post by Jeff Graves of OrcsWeb showing exactly how to track down this information: http://jeffgraves.me/2013/01/08/linking-spam-sent-through-shared-iis-smtp-server-to-a-user/

Hosting, IIS, SysAdmin, , , , ,

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Trackbacks and Pingbacks: