Exchange server sending out SPAM

Posted on 2013-09-24
Medium Priority
Last Modified: 2013-10-08
A client called and stated that his server is sending out SPAM and he has been blacklisted by a few of his clients for doing so. Here is what was sent back to him from a client:

Feedback-Type: abuse User-Agent: AOL SComp Version: 0.1 Received-Date: Fri, 20 Sep 2013 14:10:23 -0400 (EDT) Source-IP: Reported-Domain: static-64-61-11-155.isp.broadviewnet.net Redacted-Address: redacted Redacted-Address: redacted@ EARN ADDITIONAL MONEY WITHOUT QUTTING YOUR DAILY JOB!!!.eml Subject: EARN ADDITIONAL MONEY WITHOUT QUTTING YOUR DAILY JOB!!! From: "FINANCIAL SERVICE INC" Date: 9/18/2013 8:00 PM Hi, How would you like to earn additional income while you still go about your daily routine? Here is an offer for you, earn up to $10,000 or more monthly without quitting your daily job or career. Mail me if interested. Reply to address to rcc.official@hotmail.com FINANCIAL SERVICE INC.

What is the best method to resolve this? I am not on-site. And what is the best method to prevent this from ever happening again?

Thanks in advance for all responses... Rich
Question by:RSchierer

Assisted Solution

by:Frank McCourry
Frank McCourry earned 668 total points
ID: 39517804
Find the viruse(s) on his network and eradicate it.  Also check to see if the server is an open relay.  the tools at mxtoolbox.com should be very helpful.
LVL 19

Assisted Solution

suriyaehnop earned 664 total points
ID: 39517830
You have to identify the cause of the issue. You may ask do message tracking the source of the sender.

What I did experienced before is spammer use mail server to relay email out. The email was appeared came from my exchange server. What I did after that was blocked at mail gateway from sending out spam mail to internet.

Once, the cause had been identified, i removed my domain from DNSBL.

You may ask your client to temporary removed the domain from DNSBL while do investigation.
LVL 76

Accepted Solution

Alan Hardisty earned 668 total points
ID: 39518011
Please have a read of my article and check the sender of the messages.  If it is a random external domain name, you are an authenticated relay and my article will tell you how to sort the problem:


My blog also has a quick fix for stopping the problem happening ever again:



Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

There are literally thousands of Exchange recovery applications out there. So how do you end up picking one that’s ideal for your business & purpose? By carefully scouting the product’s features, the benefits it offers you, & reading ample reviews f…
This article explains how to move an Exchange 2013/2016 mailbox database and logs to a different drive.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Planning to migrate your EDB file(s) to a new or an existing Outlook PST file? This video will guide you how to convert EDB file(s) to PST. Besides this, it also describes, how one can easily search any item(s) from multiple folders or mailboxes…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question