?
Solved

How to stop spammers from using our email addresses

Posted on 2006-04-10
6
Medium Priority
?
257 Views
Last Modified: 2010-04-11
My company has got a valid email address support@company.com. Somehow it seems like the email address is used by spammers to send out spam emails. Whenever we check the inbox, we'll get tons of "Undeliverable:Your e-mail could not be delivered" to email addresses that we have never seen before, and we never send emails to those email addresses.

I have run a check of our IP on the major blacklists and the results were clean. We are using exchange server 2003, is there anything that I can do to stop people from using our email address to send spam emails?
0
Comment
Question by:megkhp
  • 2
  • 2
  • 2
6 Comments
 
LVL 31

Expert Comment

by:rid
ID: 16419989
1. Re-check the relaying rules of the Exchange server.
2. Re-check major blacklists.
3. Pray...
Unfortunately this is a problem with NDR's, as far as I can see... What happens is that a spammer, somewhere, sends out a lot of messages, to valid and non-valid addresses. They use a return adress that is on your domain (support@domain.com is not that esoteric) and all NDR's generated at domains that receive this spam message and have no valid user there, go to your domain, since you're set as sender.

Personally I think it would be a bit better if all the invalid recipients only caused a failure and not a NDR, but that is in the hands of the mail admins at the domains involved. Exchange has NDR's enabled as default... which is total madness to me, as this just generates a lot of totally meaningless messages on the net.

You can't stop spammers from using your mail adress as sender. You could fight NDR's by switching them off on your server and try to persuade others to folloow suit.
/RID
0
 
LVL 5

Accepted Solution

by:
The_IT_Garage earned 500 total points
ID: 16420161
Configure your Exchange Server block open SMTP relaying, see the article "How to block open SMTP relaying and clean up Exchange Server SMTP queues in Windows Small Business Server"

http://support.microsoft.com/?id=324958#E05B0ADAAA&FR=1

See the section called "Configure the Exchange Server to block open SMTP relaying" on that page
0
 
LVL 1

Author Comment

by:megkhp
ID: 16423455
I followed the above link and tried to determine whether the Exchange Server is an open SMTP relay. When I tried to open the exchange public IP address, it showed “220 **************************”, and I get a “500 syntax error, command unrecognized.” When trying to ehlo Microsoft.com

Any suggestion that I can continue with the relay test?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 31

Expert Comment

by:rid
ID: 16423632
Try www.dnsstuff.com and see if your server is listed as spam source.
/RID
0
 
LVL 5

Expert Comment

by:The_IT_Garage
ID: 16428737
You did steps 1 2 and 3 first, correct? You shouldn't see a normal command prompt where you type "ehlo anydomain.com". Don't just jump from 2 to 4, for example.

If you it correctly and stil lget a synatax error you possibly have other e-mail configuration issues
0
 
LVL 1

Author Comment

by:megkhp
ID: 16431551
I think we have other email config issues as The_IT_Garage suggested. But thanks for the link to the article to test the exchange server for open relay.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question