WE have 10 users and an SBS 2008 server wtih 2007 Exchange. We just began to be blacklisted by several of the blakclisting organinzations. It appears that someone has hijcaked our email addresses and or got into network and is spaming etc.
I have been out of the cournhtyr with limited email top remote into offide to check it out. Currently the office obiously recievesinbound mail but outbound appears to mostly be blocked.
THe office runs Symatnec Endpoint but it appears taht the defintions are out of date and no one renewed the license etc. Plus SYmantec is not necessairly good at catching all this stuff anyway!
I can run scnas with it and also Malwarebytes and Spybot Search and Destroy once back at office. We need to clean up before getting un-blacklisted.
My qutesiont are has anyoone gone through this and what is is anything the best way to determine what happened and is going on ? I haven't had to deal with this and am lost at trying to figure out what to do to see what happened and fixed. Being out of country with limited access remotely to check has also been a pain.