troubleshooting Question

postmaster@domain.com is sending SPAM

Avatar of gdrew1
gdrew1 asked on
Exchange
3 Comments1 Solution4528 ViewsLast Modified:
I've searched the internet high and low, as well as experts-exchange, and I can't find a solution to this. When I set our Exchange box up last year, I enabled Recipient Filtering and Tarpitting; however, since some time this morning I have been receiving mass amounts of NDRs for postmaster from postmaster regarding e-mails that cannot be sent - from postmaster@domain.com. I have scoured our server for viruses, malware and root-kits and found nothing. I do not want to just disable NDRs as they are needed for legitimate responses for failed deliveries. I have checked the SMTP queues and found a couple of e-mails from postmaster that are in queue for outbound delivery. I have also checked the SMTP logs of the SMTP virtual server but there is nothing there that makes any sense to me other than IP addresses destined to or from our firewall in addition to our journal server.


Any ideas how to stop this NDR/SPAM attack?

Thanks,

gdrew
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 3 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 3 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros