Solved

Domino Email server has been become spam server

Posted on 2013-02-01
5
557 Views
Last Modified: 2013-12-18
I have get feed back from my client said that  ,they can not receive and send the email ,so i remote to their mail server have lot of NDR until the mailbox congest .I also found that many unknown internet user in the server come from same IP so ,i immediate add this ip to the entry of the denied  host in smtp control.

After i add this entry i can see the server is denied this ip already but i still can see this server very busy then i check services i also found  8 smtp task are busy with that IP ,so i stop those task ,then the server become normal.

Below is my question
---------------------------------
1.Why my email server allow other domain user to relay ? how can i fix this


Below is the statement my senior found out and send to client
-------------------------------------------------------------------------------------------------


xxxxx password has been compromised, that's the reason of your mail server had become a mail spam server that degraded the performance and filled up with NDR. I have changed Karen's Internet password for the time being, thus her Traveler account has been locked out. You have to ask her to change her password to a more secured one. Also inform other users don't use easy to guess password.

QUestion
---------------
1.How to know which user have been compromised ?
0
Comment
Question by:warriorsTeah
5 Comments
 
LVL 15

Accepted Solution

by:
akhafaf earned 500 total points
Comment Utility
Hi there

Firstly,, check the reputation of the SPAM IP which has been sending emails to you .
http://www.mxtoolbox.com/diagnostic.aspx
http://network-tools.com/
http://www.trustedsource.com/

Secondly, check your IP address reputation  ( In order to check if your mail domain has become with bad reputation and a SPAMer then you can clear it )
http://www.mxtoolbox.com/diagnostic.aspx
http://network-tools.com/
http://www.trustedsource.com/

Finally, you can black list this IP using the following steps ( check the snaps )

Configuration Document ..
Router/SMTP
Restrictions and Controls
SMTP Inbound Controls
IP Blocking
And I mentioned in your Other Question please refer to it for the Mail.box handeling .
Best Wishes
0
 

Author Comment

by:warriorsTeah
Comment Utility
Hi akhafaf ,

You are really become my mentor ...ha ha ,because always you are the first person participate in my question ...thank you ,below is my question

1.Why need to check the reputation IP sending to me ?
2.If i has been black list ,report to the postmaster and ask them to remove or we can do it our self and is chargeable ?
3.You never advice me why my superior can know who are the internet account has been compromised ?
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
Usually nothing is compromised, but someone left a door open. Check whether the server is an open relay server, i.e. that outside mail can be relayed to outside addresses.

Try: http://www.abuse.net/relay.html
0
 
LVL 15

Expert Comment

by:akhafaf
Comment Utility
1.Why need to check the reputation IP sending to me ?

- Just to have any Idea about the reputation of this sender

2.If i has been black list ,report to the postmaster and ask them to remove or we can do it our self and is chargeable ?
- If you have been black listed or have a " high risk " reputation you have to contacts these URLs then ask them to correct this status .

3.You never advice me why my superior can know who are the internet account has been compromised ? In fact, what I was trying to do it to block this IP first of all , make sure that you are not classified as a SPAMer or a Spoofer etc. then we can check any other things.
0
 

Expert Comment

by:Bhupenderkumar
Comment Utility
Pls open messaging configuration document then select Configuration Setting >  router/smtp > Restrictions & control > smtp inbound Controls

check on perform anti relay check for authenticated users. this will help solving your issue.
err.jpg
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now