• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 552
  • Last Modified:

How do I identify where local outgoing SPAM may be coming from in the SBS 2003 Exchange administrator interface?

I have a couple of clients using SBS 2003 with Exchange and when I look at the Queue's in the Exchange admin I am seeing SMTP connectors to foriegn domains (i.e. .it, .fr, .ru, etc..) and I know it is SPAM.

I found articles on how to freeze the connections and remove them but what I need to figure out is how to identify which machine(s) they are originating from. I have run AV and Root Kits scans on the PC's but have found nothing so I am hoping that Exchange will let me know where the email are coming from.

Thansk in advance for any help and suggestions!

screen-shot.jpg
0
shibumi1224
Asked:
shibumi1224
1 Solution
 
chris_shawCommented:
You could temporarily turn on Archiving (in the Mailbox Store properties).  Create a dummy account (called Archive or such like) and set archiving of all emails to go to this account.  Then log on to the account (or use OWA) and check the copy of Sent emails.  When you have determined where the spam is coming from turn off archiving and delete the account.
0
 
MesthaCommented:
If you are seeing the messages in your queues, then the email is not coming from inside your network.

This blog posting identifies if the spam originated from inside your network:
http://blog.sembee.co.uk/archive/2009/02/28/93.aspx

This explains what has actually happened.
http://blog.sembee.co.uk/archive/2008/03/13/73.aspx

Looking at the spam is a pointless exercise as it will be bounced off another system. You just need to close the gap and then clean out the queues.

Simon.
0
 
shibumi1224Author Commented:
Thanks guys... I will work on this over the weekend to see if i can isolate the issue. Will let you know if your suggestions work...
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now