Solved

spoofing rogue email server/client

Posted on 2010-11-16
3
486 Views
Last Modified: 2012-05-10
Think a workstation on our network has a worm/trojan that has grabbed the address book and firing out rouge emails.

Multiple users have complained about receiving bogus emails.

Any good freeware or eval tool to throw on the network so I can see which workstaion is sending the rogue emails?
0
Comment
Question by:abpExpert
  • 2
3 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34147426
Please can you post an email header from one of the rogue emails.

Obscure any email addresses though.
0
 

Author Comment

by:abpExpert
ID: 34147948
The header just contains date and emai addresses from the address book of the infected user.
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 250 total points
ID: 34148009
No IP addresses?

If nothing useful, please download Wireshark and start sniffing your network for traffic.  It should be fairly easy to see the computer throwing out lots of traffic.

Make sure you also have your firewall blocked on TCP port 25 for all computers apart from your mail server, otherwise you may get blacklisted.

Do you have logging enabled on your router / firewall?  If not enabled, it would be good to turn it on and monitor traffic.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now