Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Spoofing

Posted on 2004-04-13
10
Medium Priority
?
262 Views
Last Modified: 2010-04-11
In our organization we have Windows 2003 with Exchange 2003 servers running. Recently users are complaining that they are receiving a lot of Non-delivery reports or virus notifications for emails they have not sent at all. I definitely understand that these are due to spam and stuff like that but can you propose a solution to this?
0
Comment
Question by:fuzz2004
10 Comments
 
LVL 6

Expert Comment

by:bloemkool1980
ID: 10813642
Spam is a pain for everyone today. If you use exchange you could use mailsweeper which can handle spam and anti-virus issues but the problem is that mails from the type you describe are often from valid domains and not blacklisted domains on blacklists for MX.
So there not a real solution for your problem.
0
 
LVL 4

Accepted Solution

by:
andydis earned 100 total points
ID: 10813653
these virus's also look at infected peoples contact lists, word documents and even webpages they visit to find new email addressed to send themselves to.

many companies have now adopted ethier:-

1) changing e mail addresses to andydis [at] hotmail.com from andydis@hotmail.com
2) incorporate antispam technology into exchange (comes free with 2003), or setup a completey new "spam gateway" in your DMZ.

if you would like infomation on a solution myself have supplied to many customers please feel free to drop me an email.
0
 
LVL 4

Expert Comment

by:kruptos
ID: 10813684
The best solution for this case may be prevention. I would take the following steps:

1. Ensure all client and servers are up to date with there Operating System Patches.
2. Make sure youare running some sort of distributed Anti-Virus, such as Norton Corporate, and verify all clients have the most recent virus definitions.
3. If you have a firewall and router make sure the firmware/OS/IOS are all up to date.
4. if using a firewall, try to filter out the bad emails, for instance, i have a Watchguard Firebox 700, and I am able to set up rules that filter out bad email content.
5. On your exchange server there are may 3rd part applications taht will help reduce the spam and virus distribution as well.

Please let me know if any of this helps, or if you need further assistance.

Thanks!!
0
Ready for your healthcare security check-up?

In the past few years, healthcare organizations have become a prime target for advanced attacks. Does your organization have what it needs to defend itself? Schedule your healthcare security check-up today and download our free Healthcare Security Resource Kit today!

 
LVL 1

Assisted Solution

by:badrox
badrox earned 100 total points
ID: 10817312
One of the solutions that a lot of sites are looking into (us included) is reverse dns lookups.

This actually works very well and AOL and a few others have already implamented this.  

Most legit mailers will have a reverse DNS that works (and if they don't, they should) but so far it our tests it makes a pretty dramatic difference.


 
0
 
LVL 4

Expert Comment

by:kruptos
ID: 10818026
Yes, That is 100% correct....in matter of fact i posted a question when i was having trouble getting mail kicked back from one of our clients..

the problem was simple....our company did not have a reverse DNS entry on the ISP server, and the recipient had their mail server set up to reject all emails that come from a source where there is no Reverse DNS entry...

good job badrox...I forgot that one :-)

0
 
LVL 1

Expert Comment

by:kmcghee
ID: 10820129
Hey, I had the same problem with this virus. I installed an anti spam solution which worked really well. I can give you more details/contact details if you want???

Kev
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 15729612
No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:
Split: bloemkool1980{http:#10813642} & andydis{http:#10813653} & badrox{http:#badrox}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

Tolomir
EE Cleanup Volunteer
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 15729626
Sorry, typo...

No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:
Split: bloemkool1980{http:#10813642} & andydis{http:#10813653} & badrox{http:#10817312}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

Tolomir
EE Cleanup Volunteer

0
 
LVL 27

Expert Comment

by:Tolomir
ID: 15731546
Sorry, just 50 points available....

No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:
Split: andydis{http:#10813653} & badrox{http:#10817312}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

Tolomir
EE Cleanup Volunteer
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An overview of cyber security, cyber crime, and personal protection against hackers. Includes a brief summary of the Equifax breach and why everyone should be aware of it. Other subjects include: how cyber security has failed to advance with technol…
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question