Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 581
  • Last Modified:

Domino Email server has been become spam server

I have get feed back from my client said that  ,they can not receive and send the email ,so i remote to their mail server have lot of NDR until the mailbox congest .I also found that many unknown internet user in the server come from same IP so ,i immediate add this ip to the entry of the denied  host in smtp control.

After i add this entry i can see the server is denied this ip already but i still can see this server very busy then i check services i also found  8 smtp task are busy with that IP ,so i stop those task ,then the server become normal.

Below is my question
---------------------------------
1.Why my email server allow other domain user to relay ? how can i fix this


Below is the statement my senior found out and send to client
-------------------------------------------------------------------------------------------------


xxxxx password has been compromised, that's the reason of your mail server had become a mail spam server that degraded the performance and filled up with NDR. I have changed Karen's Internet password for the time being, thus her Traveler account has been locked out. You have to ask her to change her password to a more secured one. Also inform other users don't use easy to guess password.

QUestion
---------------
1.How to know which user have been compromised ?
0
warriorsTeah
Asked:
warriorsTeah
1 Solution
 
akhafafCommented:
Hi there

Firstly,, check the reputation of the SPAM IP which has been sending emails to you .
http://www.mxtoolbox.com/diagnostic.aspx
http://network-tools.com/
http://www.trustedsource.com/

Secondly, check your IP address reputation  ( In order to check if your mail domain has become with bad reputation and a SPAMer then you can clear it )
http://www.mxtoolbox.com/diagnostic.aspx
http://network-tools.com/
http://www.trustedsource.com/

Finally, you can black list this IP using the following steps ( check the snaps )

Configuration Document ..
Router/SMTP
Restrictions and Controls
SMTP Inbound Controls
IP Blocking
And I mentioned in your Other Question please refer to it for the Mail.box handeling .
Best Wishes
0
 
warriorsTeahAuthor Commented:
Hi akhafaf ,

You are really become my mentor ...ha ha ,because always you are the first person participate in my question ...thank you ,below is my question

1.Why need to check the reputation IP sending to me ?
2.If i has been black list ,report to the postmaster and ask them to remove or we can do it our self and is chargeable ?
3.You never advice me why my superior can know who are the internet account has been compromised ?
0
 
Sjef BosmanGroupware ConsultantCommented:
Usually nothing is compromised, but someone left a door open. Check whether the server is an open relay server, i.e. that outside mail can be relayed to outside addresses.

Try: http://www.abuse.net/relay.html
0
 
akhafafCommented:
1.Why need to check the reputation IP sending to me ?

- Just to have any Idea about the reputation of this sender

2.If i has been black list ,report to the postmaster and ask them to remove or we can do it our self and is chargeable ?
- If you have been black listed or have a " high risk " reputation you have to contacts these URLs then ask them to correct this status .

3.You never advice me why my superior can know who are the internet account has been compromised ? In fact, what I was trying to do it to block this IP first of all , make sure that you are not classified as a SPAMer or a Spoofer etc. then we can check any other things.
0
 
BhupenderkumarCommented:
Pls open messaging configuration document then select Configuration Setting >  router/smtp > Restrictions & control > smtp inbound Controls

check on perform anti relay check for authenticated users. this will help solving your issue.
err.jpg
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now