locate spam sender with brightmail and exchange 2007

Currently I'm facing problem of my company email domain been blocked by spamhaus and mailspike. My email server is exchange 2007 and I'm using symantec brightmail 9 to blocked spam from inbound and outbound.

It happen twice a week already.

I've run full scan to all the company PC and servers.

How can I checked the source or the sender of the spam with exchange or brightmail? I've checked with exchange's message tacking but couldn't find any spam email.
sweehanAsked:
Who is Participating?
 
schima_czConnect With a Mentor Commented:
1. Check on firewall, that only Exchange / Brightmail server can send e-mails (port 25, SMTP)
2. Try to check in firewall logs, wich devices used SMTP
0
 
Ben HartConnect With a Mentor Commented:
Yup.. I was going to suggest blocking port 25 from all internal hosts except Exchange and Brightmail.
0
 
sweehanAuthor Commented:
Sorry for my late reply. I've checked with my network security personal.

He told me the firewall was already configured for exchange and brightmail only.

This few weeks, I've been scanning viruses through all the servers and computers but still I the email domain get blacklisted.

I feel like i'm chasing ghost....
0
 
sweehanConnect With a Mentor Author Commented:
Run scan with malwarebyte through all the machine. Able to detect the zombie malware.

After clearing the malware, domain email has not been blacklisted.
0
 
sweehanAuthor Commented:
After removing the malware from the infected machine, email domain has not been blacklisted
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.