asked on

Client on LAN sending spam

I have a client on the network that is sending out spam and it has caused us to be blacklisted. I need to find the computer that is doing it. I am going to block port 25 on my sonicwall tomorrow at work to see if I can find it that way. Was wondering if anyone had any other suggestions.

We are using outlook and we don't have an internal email server.

Dan Craciun

If you have a managed switch, set a port as mirror/monitor and connect a laptop with Wireshark to it. Capture the traffic and see what IP is sending mail.

HTH,
Dan

Zephyr ICT

For more info, there was a thread about it recently: https://www.experts-exchange.com/questions/28334188/find-infected-client-in-network.html

ASKER CERTIFIED SOLUTION

Korbus

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

lrollins

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Blue Street Tech

Please close this question by selecting your comment (http:#a39789210) as the answer. Thanks!

Korbus

Why would you suggest he select his own comment, diverseit?
I suggest, Irollins, you select my comment, where I suggested full AV scans on all machines(at least part of your actual resolution), as the answer (or part of it).

Blue Street Tech

Sorry Korbus...but you are wrong!!! Just joking. :) In all seriousness I overlooked that...my mistake! Apologies.

Korbus

Thanks bud :)

lrollins

ASKER

I've requested that this question be closed as follows:

Accepted answer: 0 points for lrollins's comment #a39789210

for the following reason:

Resolved problem on my own

Korbus

I suggested running scans on all machines. This is part of the posted solution.
The other part of the posted solution, closing port 25, was also posted in the askers original question.

lrollins

ASKER