Solved

Exchange mail Account hacked ?

Posted on 2015-02-03
4
27 Views
Last Modified: 2016-06-23
My Company is using Exchange 2010 as it mail servers.  It appears the mail server is now hacked as  hackers are using  one the company's  valid email account on the exchange to send malicious mail/ messages to  our client.
How do I stop this ?
0
Comment
Question by:zugulu
4 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 168 total points
ID: 40585979
Change the password for the account immediately and then restart the Transport Service.

Then empty out any queues of invalid messages and review the security of your server settings / password settings as they sound like you have weak passwords and they aren't changed often enough.

Alan
0
 
LVL 4

Assisted Solution

by:Praveen Kumar Bonala
Praveen Kumar Bonala earned 166 total points
ID: 40586045
Most probably there could be a misconfiguration in SMTP relay.
In a Small Business Server environment, you may have to prevent your Microsoft Exchange Server-based server from being used as an open relay SMTP server for unsolicited commercial e-mail messages, or spam. You may also have to clean up the Exchange server's SMTP queues to delete the unsolicited commercial e-mail messages. If your Exchange server is being used as an open SMTP relay.

Please check following link to configure SMTP Relay.
http://support.microsoft.com/kb/324958
0
 
LVL 19

Assisted Solution

by:Miguel Angel Perez Muñoz
Miguel Angel Perez Muñoz earned 166 total points
ID: 40586056
I suggest you force all users change his passwords and set a expiry policy.

To force all users (domain administrator too) you can run this from powershell:
import-module activedirectory
get-aduser -filter {objectclass -eq "user"} | set-aduser -ChangePasswordAtNextLogon $true
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

827 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question