• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 265
  • Last Modified:

Identifying Source of SPAM

I was having a problem with mail queues on my Exchange server filling up with unidentified mail.  By increasing the logging on my Exchange server, I was able to identify which host is sending the mail.  What would be the best way to go about identifying what on that host is sending the mail?
0
gtkdw
Asked:
gtkdw
1 Solution
 
sweepsCommented:
you can try http://www.mxtoolbox.com it is a blacklist site but give you alot of information.  that is a good place to start.  and this site will give you some information on the site.  http://www.networksolutions.com/whois/index.jsp
0
 
gtkdwAuthor Commented:
To clarify - the host that is pushing the mail to my Exchange server is on my network.  I am looking for the best way to identify what on that host is sending the mail.
0
 
Alan HardistyCo-OwnerCommented:
You can download and install Wireshark and then run a network trace to see what is happening on your network and then filter port 25 traffic and see where the traffic is coming from.

http://www.wireshark.org/

Are you sure the host is internal and not an external host using your server as an authenticated relay?  That is the more usual source of spam and my article might help you with this:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2556-Why-are-my-outbound-queues-filling-up-with-mail-I-didn't-send.html

Alan
0
 
Suliman Abu KharroubIT Consultant Commented:
Check the machine for viruses.

also you can check for any process sending emails on port 25:
-Close outlook and any mail clients apps.
-run  " netstat -a -n -o"
-search for Foreign ports 25
-identify the process on the task manager..
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now