Solved

Spam - lots of NDR's

Posted on 2011-02-17
13
543 Views
Last Modified: 2012-06-22
Our spam filter -  Xwall - is being swamped wtih   NDR's being reported for spam e-mail being returned and we suspect something on our network is causing the spam. Any tips on isolation. We are running Exchange and we also have  a CIsco router.

0
Comment
Question by:lineonecorp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 6
13 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 240 total points
ID: 34921900
You could simply be a victim of NDR spam generated from outside.

If they are coming from inside and being send out, then you will be blacklisted somewhere.

Please check on www.mxtoolbox.com/blacklists.aspx and www.blacklistalert.org

Are you blacklisted anywhere?

Do you have an SPF record configured on your domain?
0
 
LVL 5

Assisted Solution

by:shadowmantx
shadowmantx earned 60 total points
ID: 34922089
Another thing to try is lock down SMTP port 25 (inbound and outbound) to the IP of your Email server and deny all workstations.  This will block your workstations in the case if they are infected with virus trojans.  When I performed Exchange message tracking it did not show any of those messages being sent from Email server that led me to believe it was coming from one of my workstations.
0
 

Author Comment

by:lineonecorp
ID: 34922871
Thanks for the tips. I'm putting them in place now. I'll let you know what I find.
0
RoboForm Secure Password Management System

RoboForm Everywhere - Superb Browser Support
Windows / Apple / IOS / Android / Linux / Chrome OS
Use different complex passwords everywhere
Best Secure Password Management by far
Synchronize all of your devices instantly
Safe, Secure & Highly Recommended!

 

Author Comment

by:lineonecorp
ID: 34930586
I think we are i n your words "You could simply be a victim of NDR spam generated from outside." What do we do about this? We are getting NDR's and double NDR's as we are the bounceback address.
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 240 total points
ID: 34932362
Setup an SPF record to tell the world which mail servers are permitted to send out mail on your behalf.  That should cut down some of the spam but not all.  The rest will be up to your anti-spam defences.

http://old.openspf.org/wizard.html
0
 

Author Comment

by:lineonecorp
ID: 34934121
Thanks. What if I had a paid SORBS account? Would that give me some extra tools?
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 240 total points
ID: 34934206
I doubt it.  What version of Exchange do you have?

If Exchange 2003, you can use Intelligent Message Filtering, blacklist checks and a few other tools.

If Exchange 2007 / 2010, there are anti-spam tools you can use.
0
 

Author Comment

by:lineonecorp
ID: 34935109
Exchange 2003.  I've never used the tools you mentioned - Intelligent Message Filtering, blacklist checks and a few other tools. If you have any links for them I would appreciate it.  I will be trying the SPF business.  And I do have 2007/2010 at other sites so if there are any other relevant links for them that you think might be useful for this kind of thing please send them as well if they are handy to you. Is there anything I can do at the router end?

0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 240 total points
ID: 34936156
0
 

Author Comment

by:lineonecorp
ID: 34938082
Great. Thanks for all the tips.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34938095
You are welcome.  Are you making headway?
0
 

Author Comment

by:lineonecorp
ID: 34938148
I'll know in a few days.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34938153
If you still have problems - please post again and I'll come up with some more ideas for you.

Alan
0

Featured Post

SendBlaster Pro 4 - Bulk Email Sending Software

SendBlaster 4 Pro - Best Bulk Emailing Sending Software
Automatic Subscribe / Unsubscribe Processing
Great for Newsletters & Mass Mailings
Optional HTML & Text Composition
Integration with Google Features
Built in Spam Score Checking
Free Professional Templates - Feature Packed!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question