Solved

Email server blacklisted but scans clean

Posted on 2008-10-08
4
302 Views
Last Modified: 2012-05-05
My email server has been put on a blacklist.  However, when I scan my email server for viruses/bots/etc., it scans clean.

My email server is Exchange 5.5 which I am going to upgrade asap.

Since my server scans clean right now, and since I will be upgrading it to a supported version of Exchange, after the upgrade I will still be unsure if I have actually fixed the source of the spam problem.

It would be nice to have something on my local network that can identify a source of spam.

It would also be nice to be able to look at real-time statistics of any spam that supposedly comes from my network.  For example, something that says "On January 1, 2008, we received 100 spam messages originating from ip adress xxx on your domain,  On January 2, 2008, we received 50 spam messages originating from ip adress xxx on your domain,", etc.  This would be a good monitor for me - after upgrading my email server (that I can't seem to find a problem on), I could then see if the number of spam messages originating from my domain has decreased, etc.

Thank you.

0
Comment
Question by:brianp111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 7

Accepted Solution

by:
namol earned 500 total points
ID: 22675773
Have you looked into getting a Barracuda Spam Firewall? http://www.barracudanetworks.com/ns/products/spam_overview.php
It does everything that you mentioned and more.

In regards to your original problem, have you checked to see if your exchange server is acting as an open relay? http://www.spamhelp.org/shopenrelay/shopenrelaytest.php. If it is acting as a relay then you have to secure your server so it does not act as a relay. Here is a exchange 5.5 walk-through, http://unixwiz.net/techtips/exchange55-antirelay.html. Unfortunately there is not a way to setup RBLs in exchange 5.5 without using some third party software or device. Let us know how things go!
0
 
LVL 15

Expert Comment

by:tenaj-207
ID: 22676032
As far as monitoring goes you can setup wireshark (a free network sniffing software) on a PC with a small hub in line with your router.  

The layout would be the firewall/router connected to a hub.  The Hub connected to your network and to the PC with wireshark.  This would pick up all traffic heading out to the internet and into the network.  You can setup  the wireshark to filter for outbound SMTP packets only so you don't pick up all the other crap going through.

Set it up during the evening and let it run for a whole day.  Then review the logs the next day.  This should tell you if you're sending out spam and which computer it's coming from.
0
 
LVL 6

Expert Comment

by:xfreddie
ID: 22700967
Additionaly i would setup the firewall to only allow the mailserver in your network to sent and receive mail protocols.

Goodluck,
Xfreddie
0
 

Author Closing Comment

by:brianp111
ID: 31504550
Got a Barracuda, works great.  Thanks.
0

Featured Post

What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question