Solved

server is sending out spam email, trying to find responsible computer

Posted on 2013-01-17
5
287 Views
Last Modified: 2013-01-23
My server has been blacklisted for sending spam email. We use mailenable and cannot find which user is sending the mail or which computer has the virus. went to the guide here and even found help on this site here. Tried everything recommended however did not find anything weird. In the first article it stated to check for most recent things in the windows system 32 folder. The only files I found with a date equal to today (when the spam started)  were perfh009.dat & perfc009.dat wondering if these are legitimate or the cause of my problem.
0
Comment
Question by:mfsrules
  • 2
  • 2
5 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 38789494
0
 

Author Comment

by:mfsrules
ID: 38789616
We are using MailEnable Software
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 38789618
Okay - have you read my article?  Is anything relevant?

Who are the senders of the emails in your mail queue?
0
 
LVL 25

Accepted Solution

by:
Tony Giangreco earned 500 total points
ID: 38789830
I've had a client's server blacklisted before. Here is what i did:

1. Temporarily disconect your internet connection for the entire network
2. Run a full scan of the following on every desktop

a. SAS http://www.bleepingcomputer.com/download/search/?keyword=superantispyware

b. MB http://www.bleepingcomputer.com/download/malwarebytes-anti-malware-cleanup-tool/

c. TDS Killer http://www.bleepingcomputer.com/download/tdsskiller/
d. After full scans of each product, you should be 95% clean.
e. Run a full scan of your up-to-date anti virus
f. Run a full scan of anti virus on your server.

Being blacklisted stops all your email from being delivered. I suggest starting internet service from a new supplier after you know you are clean.

There is a lot of work here, but done properly, it will pay off.
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 38792735
Any progress to report?
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now