Link to home
Start Free TrialLog in
Avatar of sumangurung
sumangurung

asked on

Lotus domino server bombarded by junk emails

i really need a solution to some problem  that i am facing since yesterday.
Our server is being bombarded by emails, spam and junk emails. Ever second there are lots of emails comings. I dont know where they are coming from. I changed the configuration a bit and it is not working at all.
When i loook at the server console, the mails are not coming from outside coz i dont see mails being transeffed from outside hosts. Ofcourse the server does get connected to some external hosts but no mails are received.

I am attaching below a typical message log:

04/10/2007 05:12:43 PM  Router: Transferring mail to domain AMQA.COM (host m1.dnsix.COM [63.251.83.84]) via SMTP
04/10/2007 05:12:43 PM  Router: No messages transferred to CRSTUDIO.IT (host mx.CRSTUDIO.IT) via SMTP
04/10/2007 05:12:43 PM  Router: Transferring mail to domain WE-HELP-U.BIZ (host WE-HELP-U.BIZ [12.129.178.28]) via SMTP
04/10/2007 05:12:43 PM  SMTP Server: 65.75.169.7 connected
04/10/2007 05:12:43 PM  Router: No messages transferred to WE-HELP-U.BIZ (host WE-HELP-U.BIZ) via SMTP
04/10/2007 05:12:43 PM  Router: No messages transferred to AMQA.COM (host m1.dnsix.COM) via SMTP
04/10/2007 05:12:43 PM  Router: Message 0061AC80 not routed to recipient adan65@t-online.de for policy reasons
04/10/2007 05:12:43 PM  Router: Policy Reason: Router: waehgpozon@cnkcs.net is restricted from sending mail through server SMTP/MOIC
04/10/2007 05:12:43 PM  Router: Message 0061AC80 not routed to recipient acheck@t-online.de for policy reasons
04/10/2007 05:12:43 PM  Router: Policy Reason: Router: waehgpozon@cnkcs.net is restricted from sending mail through server SMTP/MOIC
04/10/2007 05:12:43 PM  Router: Message 0061AC80 not routed to recipient adamgj@t-online.de for policy reasons
04/10/2007 05:12:43 PM  Router: Policy Reason: Router: waehgpozon@cnkcs.net is restricted from sending mail through server SMTP/MOIC
04/10/2007 05:12:43 PM  Router: Message 0061AC80 not routed to recipient ackerth.feg@t-online.de for policy reasons
04/10/2007 05:12:43 PM  Router: Policy Reason: Router: waehgpozon@cnkcs.net is restricted from sending mail through server SMTP/MOIC
04/10/2007 05:12:44 PM  SMTP Server: 65.75.169.7 disconnected. 0 message[s] received
04/10/2007 05:12:44 PM  Router: Message 0061AC80 not routed to recipient adie_reid@t-online.de for policy reasons
04/10/2007 05:12:44 PM  Router: Policy Reason: Router: waehgpozon@cnkcs.net is restricted from sending mail through server SMTP/MOIC
04/10/2007 05:12:44 PM  Router: Transferring mail to domain COMENCO.COM (host mx1c9.megamailservers.COM [69.156.240.34]) via SMTP
04/10/2007 05:12:45 PM  SMTP Server: 65.75.169.7 connected


I have no clue. I do think that somehow some program is trying to relay the message outside but is not allowed so it gets accumulated in the mail.box of our server.
The accumulation is very fast, i.e. in less than a seconds there are more than 10 entries in the mail box. It started from yesterday and yesterday in around 6 hours there was 200,000 undelivered messages in the mail box.

We are running lotus domino 6.5.1 on windows 2003 platfrom.

Thanks so much.

Suman gurung
ASKER CERTIFIED SOLUTION
Avatar of Sjef Bosman
Sjef Bosman
Flag of France image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of sumangurung
sumangurung

ASKER

Thanks for your suggestions.
Relay is prohibited from our server. You can test it, our server is smtp.moic.gov.bt.
I thnk because relaying is not allowed, the mails are getting stored in the mail.box at an alarming rate.  I just checked the mail details from the mail.box and it said that "restricted from relaying through the server".
The weird thing is i dont see much connecting host from the server console. The messages on the console are the one that i posted earlier. What do you think could have caused this?

Thanks
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
The trace could indeed tell you whether an inside person has an infected PC.

Is this server the only mail server in your organization, or do you also have Exchange servers (or other) that route their mail through the Domino server?
Installing an anti spam program is not possible at this time although it is an excellent idea. I would like to do the packet trace. I wonder how it is done. Can anyone tell me?

This is the only mail server in the organization.

Thanks,
Suman Gurung
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial