Solved

spam looks like being sent from our server.

Posted on 2012-03-30
1
377 Views
Last Modified: 2012-04-02
I was looking at message tracking log in our exchagne server 2003, some spam emails look like being sent from our email server(screen capture attached).
I restricted email relay in our server (screen capture attached) and tested using open relay test (http://www.checkor.com/), it blocks it properly. Where can I check how the spams being sent from in our email server?
hhhhhhhhhh.jpg
ggggggg.jpg
0
Comment
Question by:crcsupport
1 Comment
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 37788085
My article discusses an Authenticated Relay situation (as well as an NDR attack) and due to the volume of Authenticated relay Attacks I have seen of late, I would suspect that this is what is happening.

Please have a read of my article and work through the logging level increase to isolate the account.

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2556-Why-are-my-outbound-queues-filling-up-with-mail-I-didn't-send.html

Also - please have a read of my two blog articles:

http://alanhardisty.wordpress.com/2010/09/28/increase-in-frequency-of-security-alerts-on-servers-from-hackers-trying-brute-force-password-programs/

http://alanhardisty.wordpress.com/2010/12/01/increase-in-hacker-attempts-on-windows-exchange-servers-one-way-to-slow-them-down/

The last blog entry has a quick fix which should stop the problem dead in it's tracks.

Alan
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now