Solved

Exchange Server under spam and phishing attack

Posted on 2006-11-20
4
303 Views
Last Modified: 2010-03-06
Hi All,

My exchange server is under spam and phishing attack. We have a firewall unit but that does not support spam filtering.
Since 2 weeks thousands of emails are coming in and out from the exchange server which is not legitimate. I am using Exchange 2003 Enterprise server with SP2 and IMF turned on with settings 7/6.
Can you somebody tells me few tips that how can I protect my server from these attacks. All these emails are eating up all my Internet bandwidth and all users are getting emails undelivered which they never sent.

If you need any other information let me know.

Thanks

Maninder

0
Comment
Question by:parpak
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 16

Expert Comment

by:poweruser32
ID: 17979380
you need to get spam software installed on a dedicated machine (gfi have a 30  day free trial on www.gfi.com) installed  ( a desktop would do) to filter the incoming email
also i would enable recipient filtering on the ex server as this stops email being sent to users who do not exist in AD
is your ex server secured for relay?
0
 
LVL 104

Accepted Solution

by:
Sembee earned 500 total points
ID: 17979543
You need to get the server cleaned up first.
Take a look at my spam cleanup article: http://www.amset.info/exchange/spam-cleanup.asp

I would suggest that you close port 25 on the firewall first to stop the message flow. Then see whether you are an open relay or one of your accounts has been compromised. You should probably change your administrator password.

Simon.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question