Solved

Is there any free software out there that could help me figure out which machine in my network is Spamming?

Posted on 2009-05-04
6
338 Views
Last Modified: 2013-11-22
Is there any free software out there that can help locate a Spammer within our network?  We know that they are not using our mail server.  We suspect it is someone with a virus on their machine however, our antivirus for whatever reason can not find them.  I beliveve the reason why our antivirus does not find them is because I think the culprit is in a seperate VLAN.  This only narrows it down to about 100 machines.  I wish to narrow it down further but economic times being what they are I was looking for a free software solution if possible.  We have already tried turning off port 25 but were unable to locate the spammer.  Please help.
0
Comment
Question by:Relinda
6 Comments
 
LVL 6

Accepted Solution

by:
jaydee-cdgp earned 500 total points
ID: 24301342
Ethereal or now called Wireshark can monitor traffic on your network may help.  Find out who's the top talker / or transmitting particular traffic?
0
 
LVL 4

Expert Comment

by:Interserv
ID: 24503499
http://www.axencesoftware.com/index.php?action=NTPro

this set of tools is really good and simple to use.  I'd scan hosts to see which ones are running smtp and see if one is running smtp that shouldn't.  If you have a firewall in place you might also want to block port 25 from outbound traffic for everything except your mailserver(s).  This is a friendly rule to have in place all of the time on your firewall.  You can also create an ACL on most routers if your firewall is not capable of blocking port 25.
0
 
LVL 8

Expert Comment

by:SeeMeShakinMyHead
ID: 25131244
Where did you turn port 25 off at?  If at the firewall, you should be able to look at the logs to determine the culprit.  If on the router, then I would create an ACL that allows TCP 25 and run debug ip packet detail command to see which PC is using port 25 the most (it may be the only one).  Please also describe why you think someone is blasting emails from your network.  Did you recently get on a blacklist?  Also, do you run your own mail server on your network?
0
 
LVL 9

Expert Comment

by:tsaico
ID: 25628968
Another Vote for the turning off open ports at the firewall.  It is really handy to then look at the IP with the most amount of traffic and then get the information from there.  If possible, you can also get a second IP for the email server and keep oit seperate from the NAT for surfing.  This way, if you get hit again, your email server's ip doesn't get blacklisted (unless your entire IP block does), but it is the best to stop it on outbound connections.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34671029
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Antispam software transparent 7 72
Virus your files are encrypted .vvv excel not work 6 96
best email filter 10 100
Migrate away from Mimecast 7 158
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now