Solved

How to find a Spam Generatir in my Network

Posted on 2011-03-13
8
392 Views
Last Modified: 2012-05-11
Dear Experts

i am running most of my clients on Windows XP with Syamantec Endpoint Virus Protection & having Exchange 2003 Enterprise Server, from last few days I have constatnly been black listed on various spam engines, shown at MXTOOLBOX, How can I check which of the computer is generating these thousands of spam messages.

I have run a relay check & found that relay is not allowed, I have also blocked the HTTP & HTTPS access to my mail server from outside.

Please Help.
0
Comment
Question by:inteq
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 11

Accepted Solution

by:
Pieter Jordaan earned 250 total points
ID: 35125946
Hi

I had a similar problem a while ago, and found a computer on my network that delivers email straight to the mail server port 25. It could manipulate the entire email, including from, to and attachments.

We had to configure exchange connectors for all the authorized mail hosts, and block everything else.

I found the computer by changing the mail server IP address, and then configuring a pfsense firewall to use the IP address so that I could filter through the connections, and forward packets to exchange.

There must be a simpler way to find the machine / machines that are delivering the emails.
I did not look at Windows tools to do that.

The simplest would be to change the exchange connector to only accept emails from specified IP addresses, or to block your LAN IP range on that port.

Depending on the size of your network, you could try a different Anti-Virus, like AVG - http://free.avg.com to try and find it. I haven't had good luck with viruses using Syamantec. I'm sure AVG will pick up virusses that Syamantec missed.

Good luck.
0
 
LVL 23

Assisted Solution

by:phototropic
phototropic earned 250 total points
ID: 35126016
0
 
LVL 11

Expert Comment

by:Pieter Jordaan
ID: 35126106
True.

I suppose the 30 day trial will also do the trick.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 23

Expert Comment

by:phototropic
ID: 35423969
Please share points with BitFreeze.  His initial post is the meat and potatos of this answer.
0
 
LVL 38

Expert Comment

by:younghv
ID: 35424169
Sorry - thought I selected the "Split" option.
I am going to "Object" to this, so a Moderator can make that happen.

Good call - thanks.
0
 

Expert Comment

by:ModernMatt
ID: 35455459
Starting the process to split the points.

Thanks, all!

ModernMatt
Experts Exchange Moderator
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some site administrators might be considering how to filter incoming traffic to a site by identifying the domains or networks of the traffic source, in the same way that a spam filter does on an email server, such as blocking all emails sent from th…
OVERVIEW This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM). AUDIENCE Information Technology personnel responsible for suppo…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question