megkhp
asked on
How to stop spammers from using our email addresses
My company has got a valid email address support@company.com. Somehow it seems like the email address is used by spammers to send out spam emails. Whenever we check the inbox, we'll get tons of "Undeliverable:Your e-mail could not be delivered" to email addresses that we have never seen before, and we never send emails to those email addresses.
I have run a check of our IP on the major blacklists and the results were clean. We are using exchange server 2003, is there anything that I can do to stop people from using our email address to send spam emails?
I have run a check of our IP on the major blacklists and the results were clean. We are using exchange server 2003, is there anything that I can do to stop people from using our email address to send spam emails?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I followed the above link and tried to determine whether the Exchange Server is an open SMTP relay. When I tried to open the exchange public IP address, it showed “220 **************************
Any suggestion that I can continue with the relay test?
Any suggestion that I can continue with the relay test?
Try www.dnsstuff.com and see if your server is listed as spam source.
/RID
/RID
You did steps 1 2 and 3 first, correct? You shouldn't see a normal command prompt where you type "ehlo anydomain.com". Don't just jump from 2 to 4, for example.
If you it correctly and stil lget a synatax error you possibly have other e-mail configuration issues
If you it correctly and stil lget a synatax error you possibly have other e-mail configuration issues
ASKER
I think we have other email config issues as The_IT_Garage suggested. But thanks for the link to the article to test the exchange server for open relay.
2. Re-check major blacklists.
3. Pray...
Unfortunately this is a problem with NDR's, as far as I can see... What happens is that a spammer, somewhere, sends out a lot of messages, to valid and non-valid addresses. They use a return adress that is on your domain (support@domain.com is not that esoteric) and all NDR's generated at domains that receive this spam message and have no valid user there, go to your domain, since you're set as sender.
Personally I think it would be a bit better if all the invalid recipients only caused a failure and not a NDR, but that is in the hands of the mail admins at the domains involved. Exchange has NDR's enabled as default... which is total madness to me, as this just generates a lot of totally meaningless messages on the net.
You can't stop spammers from using your mail adress as sender. You could fight NDR's by switching them off on your server and try to persuade others to folloow suit.
/RID