Solved

Exchange 2003 Sending Spam

Posted on 2008-06-11
2
418 Views
Last Modified: 2013-11-30
Hello,
I am running MS Exchange 2003 behind a firewall. Yesterday I went into ESM Server/Queues I found that there is a large volume of spam email coming from administrator@"mydomain".com being sent to domains all over the globe. I froze as many as I could but new ones keep popping up.
I have checked and found that my server is not a relay server.
I've tried to run RootkitRevealer in a console window but I keep getting the error message that it must be run from a console window.....
I am new to Exchange and am looking for some guidance as to my next step and or some reference material.

Thank you in advance for your help.
0
Comment
Question by:BC_Ethics
2 Comments
 
LVL 31

Accepted Solution

by:
rid earned 500 total points
ID: 21766581
Perhaps the queue consists of NDRs that your server tries to deliver? If you have the NDR function "On", your server tries to notify the sender if an incoming message has a bad (user) address. If the sender of the incoming message is faked, however, or delivery is difficult for some other reason, this causes messages to queue up in your server.

This is called NDR SPAM, or backscatter SPAM, I believe. The spammer sends messages to your domain with random usernames and faked "From" entries. The NDRs created at your server go to the purported senders, making it look like your server is the SPAM server... Not much to do, usually, just wait until the attack subsides. You can, of course, turn off the NDR function and just drop messages to non-existant users on your domain; much better IMHO.
/RID
0
 

Author Closing Comment

by:BC_Ethics
ID: 31466244
Thank You! That was extremely helpful!!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

838 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question