Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How do i for avoid sending SPAM from my LAN (Exchange 2003)?

Posted on 2010-11-17
4
Medium Priority
?
545 Views
Last Modified: 2012-06-21
Hello,

My Exchange server 2003, have been blocked for sending email.

Curiosly, MBDATA directory it's growing brutally, and queues, are showing thousands and thousands of mails...not from my domain.

queue
How do i for avoiding this sort of SPAM attack?

My Exchange it's not Open Relay.

Thanks in advance
0
Comment
Question by:VMWARE
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 5

Expert Comment

by:frostsystems
ID: 34159989
Use an Enterprise class spam filtering service like Postini or Spamsoap.

Afterwards, lock down your router and Exchange server to only receive SMTP traffic from Postini or Spamsoap IP ranges.
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 34160137
You look like you are an authenticated relay - please have a read through my article, increase your logging, identify the abused account, change the password, restart the SMTP Service and then review your server security:

Article:
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2556-Why-are-my-outbound-queues-filling-up-with-mail-I-didn't-send.html

Blog Article (worth a read):
http://alanhardisty.wordpress.com/2010/09/28/increase-in-frequency-of-security-alerts-on-servers-from-hackers-trying-brute-force-password-programs/
0
 

Author Comment

by:VMWARE
ID: 34167503
Hello alanhardisty,

How it's possible this type of attack from the compromised account?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34167619
If I know a username and password for a user on your server, because I have tried brute force password attacks on your server or keep trying different usernames and passwords for various account names, it won't take me long to try thousands of passwords and eventually hit the right one.

If your server security does not enforce strong passwords, does not regularly require passwords to be changed and does not lockout accounts after a handful of invalid bad login attempts, then hackers will have a field-day with your server.

Armed with a username and password, essentially the same as giving squatters a key to your house, the spammers can send thousands of spam to your server which your server will instantly accept because you let authenticated users relay through your server.

As a result, until you identify the account that is being abused, the spammers will continue to send spam to your server, causing you all kinds of problems including blacklisting, clogged up internet connection and then problems sending out genuine emails due to the blacklisting.

Does that all make sense?
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question