?
Solved

Exchange Server under spam and phishing attack

Posted on 2006-11-20
4
Medium Priority
?
304 Views
Last Modified: 2010-03-06
Hi All,

My exchange server is under spam and phishing attack. We have a firewall unit but that does not support spam filtering.
Since 2 weeks thousands of emails are coming in and out from the exchange server which is not legitimate. I am using Exchange 2003 Enterprise server with SP2 and IMF turned on with settings 7/6.
Can you somebody tells me few tips that how can I protect my server from these attacks. All these emails are eating up all my Internet bandwidth and all users are getting emails undelivered which they never sent.

If you need any other information let me know.

Thanks

Maninder

0
Comment
Question by:parpak
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 16

Expert Comment

by:poweruser32
ID: 17979380
you need to get spam software installed on a dedicated machine (gfi have a 30  day free trial on www.gfi.com) installed  ( a desktop would do) to filter the incoming email
also i would enable recipient filtering on the ex server as this stops email being sent to users who do not exist in AD
is your ex server secured for relay?
0
 
LVL 104

Accepted Solution

by:
Sembee earned 2000 total points
ID: 17979543
You need to get the server cleaned up first.
Take a look at my spam cleanup article: http://www.amset.info/exchange/spam-cleanup.asp

I would suggest that you close port 25 on the firewall first to stop the message flow. Then see whether you are an open relay or one of your accounts has been compromised. You should probably change your administrator password.

Simon.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month12 days, 4 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question