Solved

server is sending out spam email, trying to find responsible computer

Posted on 2013-01-17
5
294 Views
Last Modified: 2013-01-23
My server has been blacklisted for sending spam email. We use mailenable and cannot find which user is sending the mail or which computer has the virus. went to the guide here and even found help on this site here. Tried everything recommended however did not find anything weird. In the first article it stated to check for most recent things in the windows system 32 folder. The only files I found with a date equal to today (when the spam started)  were perfh009.dat & perfc009.dat wondering if these are legitimate or the cause of my problem.
0
Comment
Question by:mfsrules
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 38789494
0
 

Author Comment

by:mfsrules
ID: 38789616
We are using MailEnable Software
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 38789618
Okay - have you read my article?  Is anything relevant?

Who are the senders of the emails in your mail queue?
0
 
LVL 25

Accepted Solution

by:
Tony Giangreco earned 500 total points
ID: 38789830
I've had a client's server blacklisted before. Here is what i did:

1. Temporarily disconect your internet connection for the entire network
2. Run a full scan of the following on every desktop

a. SAS http://www.bleepingcomputer.com/download/search/?keyword=superantispyware

b. MB http://www.bleepingcomputer.com/download/malwarebytes-anti-malware-cleanup-tool/

c. TDS Killer http://www.bleepingcomputer.com/download/tdsskiller/
d. After full scans of each product, you should be 95% clean.
e. Run a full scan of your up-to-date anti virus
f. Run a full scan of anti virus on your server.

Being blacklisted stops all your email from being delivered. I suggest starting internet service from a new supplier after you know you are clean.

There is a lot of work here, but done properly, it will pay off.
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 38792735
Any progress to report?
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question