Hi all. I have a client organiation who's IP address is being flagged as a spam sender. Thus, emails to many of their contacts are bouncing back.
SEP's scheduled daily full scan is not finding any spa bots on internal systems, however one thing I am seeing frequently is Intrusion Prevention System laerts from SEP going FROM our internal IP of the mail server, to a couple of Facebook, Inc's IP addresses.
I will look through the IPS logs in SEPM to see if I can find anything useful, but in general am looking for any advice on how to deal with this overall problem.
I am going to try to get the IP off any blacklists, but that won't mean much if the source of the problem still exists on the network at my client. So far daily full scans are not picking anything up, and since the Exchange 2010 mail server is considered the source of those IPS issues, I'm not sure how to trace things back to the originating computer or mobile/handheld device.
Any SEP-specific suggestions or general suggestions outside of SEP are welcome. Thank you.
