November 19, 2008 03:05am pst

1. SysExpert 266,009
2. Bill-Hanson 188,051
3. sjef_bos... 167,750
4. fgrushev... 131,300
5. mbonaci 107,035
6. olaraak 102,301
7. qwaletee 85,572
8. brwwiggins 56,139
9. madhees... 51,850
10. daj_uk 20,460
11. CRAK 16,870
12. Zvonko 14,836
13. war1 7,300
14. LotusDave 6,875
15. rd153 6,500
16. dom_admin 6,200
17. slam69 5,550
18. xavierona... 4,975
19. jdera 4,000
19. nutsch 4,000
19. gupnit 4,000
22. lakshmidu... 3,200
23. chris_bot... 3,000
24. behender... 2,970
25. ubig 2,750

1. qwaletee 1,655,115
2. sjef_bos... 1,492,993
3. Hemantha... 1,122,137
4. SysExpert 1,028,307
5. marilyng 624,363
6. madhees... 580,670
7. Bill-Hanson 519,648
8. Bozzie4 417,223
9. p_partha 352,219
10. Zvonko 276,307
11. mbonaci 259,582
12. brwwiggins 238,469
13. CRAK 217,607
14. Arunkumar 195,091
15. fgrushev... 131,300
16. zvonko 130,604
17. cezarF 119,752
18. RanjeetRain 111,054
19. jerrith 107,809
20. olaraak 102,901
21. HappyFun... 102,184
22. mshogren 94,313
23. ghassan99 90,401
24. dragon-it 79,857
25. scottrma 68,271

02.24.2008 at 11:48AM PST, ID: 23188709

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

8.0

How can a trace SPAM through Domino Server version 7.0.2

Asked by DanRaposo in Lotus Notes, Lotus Domino Email Server, Simple Mail Transfer Protocol (SMTP)

Hi,

It appears that we are being used to send spam. Our domino server has started sending hundreds of messages to other users. I am not at the offfice so I can not put a sniffer on the wire, but I am having trouble finding where the mail is originating from. I would have expected to see an internal ip address of one of our clients if the infection was there. Anyone have any ideas on how to troubleshoot this?
Our basic setup is this

Notes Client
DAMO Client
Use Domino to send SMTP mail to our LINUX sendmail server (Outbound)
Messages have spoofed from/to addresses and are foreign (Russia, Taiwan,UK)

Thanks for any help you can provide.

Here is a sample from the Notes Log
02/24/2008 02:36:16 PM SMTP Server: Message 006BB0B4 (MessageID: <OATFYRCZSFGBRYOHBDXJKPD@ms69.hinet.net>) received
02/24/2008 02:36:16 PM Router: Transferring mail to domain POBOX.RITE.COM (host POBOX.RITE.COM [192.168.0.3]) via SMTP
02/24/2008 02:36:16 PM SMTP Server: 219-84-10-36-adsl-tpe.dynamic.so-net.net.tw (219.84.10.36) disconnected. 1 message[s] received
02/24/2008 02:36:20 PM SMTP Server: Message 006BB28D (MessageID: <ZYPVYXLGXWGUQVUVJDPKDD@ms15.hinet.net>) received
02/24/2008 02:36:21 PM SMTP Server: 219-84-10-250-adsl-tpe.dynamic.so-net.net.tw (219.84.10.250) disconnected. 1 message[s] received
02/24/2008 02:36:32 PM SMTP Server: 219-84-10-49-adsl-tpe.dynamic.so-net.net.tw (219.84.10.49) connected
02/24/2008 02:36:36 PM SMTP Server: Message 006BB8B0 (MessageID: <JGCPZPUVOLFBIEJZPJVZUBUGQ@ms4.hinet.net>) received
02/24/2008 02:36:36 PM SMTP Server: 219-84-10-49-adsl-tpe.dynamic.so-net.net.tw (219.84.10.49) disconnected. 1 message[s] received
02/24/2008 02:36:37 PM Router: Transferring mail to domain POBOX.RITE.COM (host POBOX.RITE.COM [192.168.0.3]) via SMTP
02/24/2008 02:36:38 PM Router: Transferred 1 messages to POBOX.RITE.COM (host POBOX.RITE.COM) via SMTP
02/24/2008 02:36:39 PM Router: Transferred 2 messages to POBOX.RITE.COM (host POBOX.RITE.COM) via SMTP
02/24/2008 02:36:42 PM Router: Message 006BB0B4 transferred to POBOX.RITE.COM for a0910tinasusan@yahoo.com.tw via SMTP
02/24/2008 02:36:42 PM Router: Message 006BB0B4 transferred to POBOX.RITE.COM for ecnvv@msa.hinet.net via SMTP

ETC ETC ETCStart Free Trial

Keywords: How can a trace SPAM through Domin…

	Title
1	Domino 6.5 Server fails to load
2	Domino and spam
3	Spam Relaying on a Domino SMTP Gate…
4	Lotus domino server bombarded by jun…
5	Spams
6	Spamming on Domino V5

Loading Advertisement...

20080716-EE-VQP-32 / EE_QW_2_20070628

How can a trace SPAM through Domino Server version 7.0.2

Asked by DanRaposo in Lotus Notes, Lotus Domino Email Server, Simple Mail Transfer Protocol (SMTP)

About this solution