Solved

Spoofing

Posted on 2004-04-13
10
250 Views
Last Modified: 2010-04-11
In our organization we have Windows 2003 with Exchange 2003 servers running. Recently users are complaining that they are receiving a lot of Non-delivery reports or virus notifications for emails they have not sent at all. I definitely understand that these are due to spam and stuff like that but can you propose a solution to this?
0
Comment
Question by:fuzz2004
10 Comments
 
LVL 6

Expert Comment

by:bloemkool1980
ID: 10813642
Spam is a pain for everyone today. If you use exchange you could use mailsweeper which can handle spam and anti-virus issues but the problem is that mails from the type you describe are often from valid domains and not blacklisted domains on blacklists for MX.
So there not a real solution for your problem.
0
 
LVL 4

Accepted Solution

by:
andydis earned 25 total points
ID: 10813653
these virus's also look at infected peoples contact lists, word documents and even webpages they visit to find new email addressed to send themselves to.

many companies have now adopted ethier:-

1) changing e mail addresses to andydis [at] hotmail.com from andydis@hotmail.com
2) incorporate antispam technology into exchange (comes free with 2003), or setup a completey new "spam gateway" in your DMZ.

if you would like infomation on a solution myself have supplied to many customers please feel free to drop me an email.
0
 
LVL 4

Expert Comment

by:kruptos
ID: 10813684
The best solution for this case may be prevention. I would take the following steps:

1. Ensure all client and servers are up to date with there Operating System Patches.
2. Make sure youare running some sort of distributed Anti-Virus, such as Norton Corporate, and verify all clients have the most recent virus definitions.
3. If you have a firewall and router make sure the firmware/OS/IOS are all up to date.
4. if using a firewall, try to filter out the bad emails, for instance, i have a Watchguard Firebox 700, and I am able to set up rules that filter out bad email content.
5. On your exchange server there are may 3rd part applications taht will help reduce the spam and virus distribution as well.

Please let me know if any of this helps, or if you need further assistance.

Thanks!!
0
 
LVL 1

Assisted Solution

by:badrox
badrox earned 25 total points
ID: 10817312
One of the solutions that a lot of sites are looking into (us included) is reverse dns lookups.

This actually works very well and AOL and a few others have already implamented this.  

Most legit mailers will have a reverse DNS that works (and if they don't, they should) but so far it our tests it makes a pretty dramatic difference.


 
0
New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

 
LVL 4

Expert Comment

by:kruptos
ID: 10818026
Yes, That is 100% correct....in matter of fact i posted a question when i was having trouble getting mail kicked back from one of our clients..

the problem was simple....our company did not have a reverse DNS entry on the ISP server, and the recipient had their mail server set up to reject all emails that come from a source where there is no Reverse DNS entry...

good job badrox...I forgot that one :-)

0
 
LVL 1

Expert Comment

by:kmcghee
ID: 10820129
Hey, I had the same problem with this virus. I installed an anti spam solution which worked really well. I can give you more details/contact details if you want???

Kev
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 15729612
No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:
Split: bloemkool1980{http:#10813642} & andydis{http:#10813653} & badrox{http:#badrox}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

Tolomir
EE Cleanup Volunteer
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 15729626
Sorry, typo...

No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:
Split: bloemkool1980{http:#10813642} & andydis{http:#10813653} & badrox{http:#10817312}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

Tolomir
EE Cleanup Volunteer

0
 
LVL 27

Expert Comment

by:Tolomir
ID: 15731546
Sorry, just 50 points available....

No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:
Split: andydis{http:#10813653} & badrox{http:#10817312}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

Tolomir
EE Cleanup Volunteer
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
How important is it to take extra precautions to protect your online business? These are some steps you can take to make sure you're free of any cyber crime.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now