Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange mail Account hacked ?

Posted on 2015-02-03
4
Medium Priority
?
55 Views
Last Modified: 2016-06-23
My Company is using Exchange 2010 as it mail servers.  It appears the mail server is now hacked as  hackers are using  one the company's  valid email account on the exchange to send malicious mail/ messages to  our client.
How do I stop this ?
0
Comment
Question by:zugulu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 672 total points
ID: 40585979
Change the password for the account immediately and then restart the Transport Service.

Then empty out any queues of invalid messages and review the security of your server settings / password settings as they sound like you have weak passwords and they aren't changed often enough.

Alan
0
 
LVL 4

Assisted Solution

by:Praveen Kumar Bonala
Praveen Kumar Bonala earned 664 total points
ID: 40586045
Most probably there could be a misconfiguration in SMTP relay.
In a Small Business Server environment, you may have to prevent your Microsoft Exchange Server-based server from being used as an open relay SMTP server for unsolicited commercial e-mail messages, or spam. You may also have to clean up the Exchange server's SMTP queues to delete the unsolicited commercial e-mail messages. If your Exchange server is being used as an open SMTP relay.

Please check following link to configure SMTP Relay.
http://support.microsoft.com/kb/324958
0
 
LVL 19

Assisted Solution

by:Miguel Angel Perez Muñoz
Miguel Angel Perez Muñoz earned 664 total points
ID: 40586056
I suggest you force all users change his passwords and set a expiry policy.

To force all users (domain administrator too) you can run this from powershell:
import-module activedirectory
get-aduser -filter {objectclass -eq "user"} | set-aduser -ChangePasswordAtNextLogon $true
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video discusses moving either the default database or any database to a new volume.
Suggested Courses

660 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question