Solved

Client on LAN sending spam

Posted on 2014-01-15
13
535 Views
Last Modified: 2014-01-26
I have a client on the network that is sending out spam and it has caused us to be blacklisted.  I need to find the computer that is doing it.  I am going to block port 25 on my sonicwall tomorrow at work to see if I can find it that way.  Was wondering if anyone had any other suggestions.

We are using outlook and we don't have an internal email server.
0
Comment
Question by:lrollins
  • 4
  • 3
  • 2
  • +2
13 Comments
 
LVL 34

Expert Comment

by:Dan Craciun
Comment Utility
If you have a managed switch, set a port as mirror/monitor and connect a laptop with Wireshark to it. Capture the traffic and see what IP is sending mail.

HTH,
Dan
0
 
LVL 25

Expert Comment

by:Zephyr ICT
Comment Utility
For more info, there was a thread about it recently: http://www.experts-exchange.com/Security/Misc/Q_28334188.html
0
 
LVL 10

Accepted Solution

by:
Korbus earned 500 total points
Comment Utility
If you have one infected machine, you might have more.  I would suggest you run a full scan on all computers in your network.  
Even with AV software installed, they cannot respond to new threats instantly.  If you get infected during the interval when a virus/malware program is released, and when the AV software is updated to protect against it:  this malware will NOT be automatically detected, unless you run a full system scan.  The normal "on-access" scanners will be too late, the file has already been put on your machine.  For this reason I recommend you have all your workstations run full av scans after-hours(nightly/weekly).  This ought to find the infected machine too.
0
 
LVL 1

Assisted Solution

by:lrollins
lrollins earned 0 total points
Comment Utility
Thanks for all the comments.  I finally got it fixed.  I closed the port 25 and installed malware bytes on all the machines and ran full scans.  Did the trick....
0
 
LVL 24

Expert Comment

by:diverseit
Comment Utility
Please close this question by selecting your comment (http:#a39789210) as the answer. Thanks!
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 10

Expert Comment

by:Korbus
Comment Utility
Why would you suggest he select his own comment, diverseit?  
I suggest, Irollins, you select my comment, where I suggested full AV scans on all machines(at least part of your actual resolution), as the answer (or part of it).
0
 
LVL 24

Expert Comment

by:diverseit
Comment Utility
Sorry Korbus...but you are wrong!!! Just joking. :) In all seriousness I overlooked that...my mistake! Apologies.
0
 
LVL 10

Expert Comment

by:Korbus
Comment Utility
Thanks bud :)
0
 
LVL 1

Author Comment

by:lrollins
Comment Utility
I've requested that this question be closed as follows:

Accepted answer: 0 points for lrollins's comment #a39789210

for the following reason:

Resolved problem on my own
0
 
LVL 10

Expert Comment

by:Korbus
Comment Utility
I suggested running scans on all machines.  This is part of the posted solution.  
The other part of the posted solution, closing port 25, was also posted in the askers original question.
0
 
LVL 1

Author Comment

by:lrollins
Comment Utility
NA
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
SPAM Mail 6 38
SMTP in azure websites 2 63
Outlook 2013, 2016 and 4 Exchange Accounts 4 45
listed on blacklists 20 71
This article will describe some of the best ways to process an ex-employee from an Office 365 subscription. I will describe the methods I would recommend when the data needs to be kept for the ex-employee as well as how to manage any new email as we…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
The purpose of this video is to demonstrate how to set up a Mailchimp Template which will let the user create a uniform look for all of their campaigns. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mail…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now