Mass emails going out from postmaster account

It seems that i am sending out massive amounts of spam on my SBS2003 server.  The spam sender seems to be from postmaster@"mydomain".com or privacy@sterlingbank.com and the recipients are all different.

How I found out that I had a problem: I have a dynamic Ip address so I use a mail relay service from tzo.com that allows me to send email.  Tzo has a cap on the amount of emails that I can send (2000) per month.  Tzo notified me that I had exceeded that amount already this month.  So, I am monitoring the connector queue in Exchange that forwards my mail to Tzo and that I see the postmaster@"mydomain".com or privacy@sterlingbank.com emails being submitted to the queue.

I have disabled my outgoing mail on exchange.  I noticed a folder called masssender in c:\program files\ which I deleted. I am still generating emails.  HELP !  Thanks
evanbrownAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
kieran_bConnect With a Mentor Commented:
A stack of outbound mail as postmaster@ is more likely going to be NDR spam - you would need to enable recipient filtering and tarpitting to resolve that (but it isn't going to work if you are using the POP3 connector)

http://www.amset.info/exchange/filter-unknown.asp

masssender.exe looks like it could be legitimate for sending mail, but it could also be a very agressive hack (as opposed to a simple trojan)

Changing passwords/doing full rootkit and virus scans would be a good idea right about now.

Kieran
0
All Courses

From novice to tech pro — start learning today.