| Event Id | 1708 |
| Source | MSExchangeTransport |
| Description | SMTP Authentication was performed successfully with client remote_computername. The authentication method was LOGIN and the username was company\username. |
| Event Information | According to Microsoft : RESOLUTION In this case, if the relaying appears to come from a hacked account password, go to the Active Directory Users and Computers snap-in and delete the account, disable the account, or change the password on the account. Microsoft recommends that you implement a strong password policy. |
| Reference Links | How to block open SMTP relaying and clean up Exchange Server SMTP queues in Windows Small Business Server |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.