Solved

Exchange 2003 Sending Spam

Posted on 2008-06-11
2
420 Views
Last Modified: 2013-11-30
Hello,
I am running MS Exchange 2003 behind a firewall. Yesterday I went into ESM Server/Queues I found that there is a large volume of spam email coming from administrator@"mydomain".com being sent to domains all over the globe. I froze as many as I could but new ones keep popping up.
I have checked and found that my server is not a relay server.
I've tried to run RootkitRevealer in a console window but I keep getting the error message that it must be run from a console window.....
I am new to Exchange and am looking for some guidance as to my next step and or some reference material.

Thank you in advance for your help.
0
Comment
Question by:BC_Ethics
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 31

Accepted Solution

by:
rid earned 500 total points
ID: 21766581
Perhaps the queue consists of NDRs that your server tries to deliver? If you have the NDR function "On", your server tries to notify the sender if an incoming message has a bad (user) address. If the sender of the incoming message is faked, however, or delivery is difficult for some other reason, this causes messages to queue up in your server.

This is called NDR SPAM, or backscatter SPAM, I believe. The spammer sends messages to your domain with random usernames and faked "From" entries. The NDRs created at your server go to the purported senders, making it look like your server is the SPAM server... Not much to do, usually, just wait until the attack subsides. You can, of course, turn off the NDR function and just drop messages to non-existant users on your domain; much better IMHO.
/RID
0
 

Author Closing Comment

by:BC_Ethics
ID: 31466244
Thank You! That was extremely helpful!!
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Pop culture is prime bait for hackers seeking to infect user’s computers and mobile devices with malicious malware. Hackers know exactly what the latest trends are online and know how to use them to their advantage.
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question