Solved

server is sending out spam email, trying to find responsible computer

Posted on 2013-01-17
5
293 Views
Last Modified: 2013-01-23
My server has been blacklisted for sending spam email. We use mailenable and cannot find which user is sending the mail or which computer has the virus. went to the guide here and even found help on this site here. Tried everything recommended however did not find anything weird. In the first article it stated to check for most recent things in the windows system 32 folder. The only files I found with a date equal to today (when the spam started)  were perfh009.dat & perfc009.dat wondering if these are legitimate or the cause of my problem.
0
Comment
Question by:mfsrules
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 38789494
0
 

Author Comment

by:mfsrules
ID: 38789616
We are using MailEnable Software
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 38789618
Okay - have you read my article?  Is anything relevant?

Who are the senders of the emails in your mail queue?
0
 
LVL 25

Accepted Solution

by:
Tony Giangreco earned 500 total points
ID: 38789830
I've had a client's server blacklisted before. Here is what i did:

1. Temporarily disconect your internet connection for the entire network
2. Run a full scan of the following on every desktop

a. SAS http://www.bleepingcomputer.com/download/search/?keyword=superantispyware

b. MB http://www.bleepingcomputer.com/download/malwarebytes-anti-malware-cleanup-tool/

c. TDS Killer http://www.bleepingcomputer.com/download/tdsskiller/
d. After full scans of each product, you should be 95% clean.
e. Run a full scan of your up-to-date anti virus
f. Run a full scan of anti virus on your server.

Being blacklisted stops all your email from being delivered. I suggest starting internet service from a new supplier after you know you are clean.

There is a lot of work here, but done properly, it will pay off.
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 38792735
Any progress to report?
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Learn about cloud computing and its benefits for small business owners.

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question