• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1457
  • Last Modified:

Company mail server being used as a spam relay

Experts!

Our Imail server is being used to relay large amounts of spam. The spam fills the spool, backs up legitimate messages, and sometimes even crashes the Imail. This is a huge problem for us as we manage email domains for external clients and they are affected by this.

My colleague and I are baffled as to how the spammer is pulling this off. For one, we have Imail configured to only send mail to domains that we manage. It is specifically configured not to send any email to outside domains (Yahoo, Hotmail, Gmail, ect... where most of the spam is going). Additionally, we've added the spammer's email to Imail's "kill list" which should block him, but he is still getting through. I've looking up the IP that the spam is coming from and blocked port 25 for that IP on our firewall. Somehow, spam is still getting through.

After blocking the email and IP, spam continued to come in (and be relayed successfully) from the email account in question. After a few hours, spam started coming in from a new email address. Experts, we are baffled! Please, any suggestions would be appreciated. I can provide any other info you may need.

Thank you!
0
coldfirenj
Asked:
coldfirenj
  • 2
1 Solution
 
coldfirenjAuthor Commented:
Spammers in question... samsont4@aol.com & ehab.elbalawi65@gmail.com
0
 
Seaton007Commented:
0
 
bill_lynchCommented:
Also  

No Mail Relay

With this option, IMail will not relay mail through the server unless the sending user authenticates. On the SMTP Security tab, make sure that 'Disable SMTP "AUTH" reporting' is NOT selected. (In version 8 and higher, this option is on the SMTP Advanced tab).

No Mail Relay is the best solution for customers who are unable to choose 'Relay mail for Addresses' because their users connect using dynamic IP Addresses.

http://support.ipswitch.com/kb/IM-19980116-JB02.htm
0
 
coldfirenjAuthor Commented:
Thank you Bill
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now