Solved

Free antivirus scanner for exchange server?

Posted on 2009-07-08
2
539 Views
Last Modified: 2013-11-22
We are getting calls from our ISP that we have a virus. We have scanned each and every computer using Panda Activescan Pro online and one PC had 15 virus infections but they appeared to be dormant. The ISP cant tell us what computer it is. The only thing I can think of is that it is our server running exchange. We ran Panda on this and it didn't find a virus. Could there possibly be a virus embedded in our exchange? If so, is there a free way to remove and scan? We have a spam filter that is supposed to scan for viruses and spyware before the mail is passed to our server so I doubt something got through but it is possible.
0
Comment
Question by:FASTECHS
2 Comments
 
LVL 23

Assisted Solution

by:debuggerau
debuggerau earned 200 total points
ID: 24811206
I think your question subject might be stumping experts since there is no free AntiVirus for Exchange, and even the ones that are, have issues at times..

Any free Antivirus, if set correctly will give you alarms for queued items, but after that, what is it going to do with them?
If it removed them, exchange errors out..

The only free way i know, is to take it offline and run any of a variety of scanners over ALL files and still it will be with limited success as the database store will not be read.
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 300 total points
ID: 24811445
If your ISP is telling you that you have a virus, then you probably are sending out spam messages and thus will get blacklisted.  It is very unlikely that your server is sending out spam, more likely to be an infected machine.  Spammers tend to use their own SMTP engine to send out mail, rather than hoping that there will be one on the infected machine.
Have you downloaded and installed MalwareBytes on all machines (www.malwarebytes.org) - it is a free tool and discovers all sorts of unwanted items.
Lock down your firewall to only send out SMTP traffic on port 25 from your exchange server.
Follow Xmachine's advise in the following EE question - especially to download WireShark and sniff for port 25 traffic from all machines:
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_24463550.html?cid=238#a24606079  

Once all machines are checked and clean and no port 25 traffic is detected with WireShark (other than the server), check your reputation on http://www.mxtoolbox.com/blacklists.aspx to see if you are listed (you probably will be).
You will eventually drop off these listings once no more spam is received but it may take a week or so to get clean.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Utilizing an array to gracefully append to a list of EmailAddresses
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question