SMTP Server Queue get flooded

HI,
I have a client who runs a SBS 2003 SP2 with exchange server 2003 SP2(they have 1 server). They are having problem with mail server being flooded with spam. It sits behind a firewall which has port 25 redirected to the server. After we got the first flow of spam,  we applied filters on recipient, sender amd connection(in the properties of Virtual SMTP). We renamed the queue folder and restarted with a new queue, it worked fine for  a day and we restarted getting another flow of spam (sender: ebay-center@e-bay.com). we recently updated our internet security on all workstations and server and did a full scan ( everything came up clean). What coulfd be the problem, is there a way to trace the orogin of the spam? Any setting that i could check ?

By the way the server is not an open relay.
benhurmxAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

kamleshgwalaniCommented:
U must get an external resouces, if you are client is ready to buy then go for GFI mail essentials http://www.gfi.com/mes/

More expensive and better SPAM filter - message labs http://www.messagelabs.com/
0
benhurmxAuthor Commented:
The SPAM messages are kind of targeting the server( flooding) than the users. Most of these messages are originating from bogus users and targeting users outside the domain, as if it is a server attack. Will the GFI software prevent that ?
0
benhurmxAuthor Commented:
Hi again,

I found out it was a spam attack. One of the passwords is compromised. The attacker was authticating and relaying through the server as an authenticated user . I stopped the relay option for the client domain and for authenticated  users. The problem seems to be fixed.I will be changing all users passowords.

Thanks for all the help
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.