Mike_Stevens
asked on
Spam being sent using SMTP sever
I am having a problem with someone sending spam using our SMTP mail server that is part of our website hosting account. It has happened several times over the past few weeks and when the web host sees it they go in a change our mail server passwords to stop it, which it does.
On several occasions I have changed the mail server passwords and control panel passwords to a strong password of at least 30 characters or more but it seems like it is just a matter of time before that are back.
I have ran spyware detectors and anti-virus software on all computers on the network to make sure it is not internal. I know I will probably never know who is doing this but what can I do to stop it for good?
On several occasions I have changed the mail server passwords and control panel passwords to a strong password of at least 30 characters or more but it seems like it is just a matter of time before that are back.
I have ran spyware detectors and anti-virus software on all computers on the network to make sure it is not internal. I know I will probably never know who is doing this but what can I do to stop it for good?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
We are not using exchange. It is a POP3 mail server that checks a catchall mailbox configured as part of the web hosting account. I am reviewing the SMTP logs for the mail server but dont see anything that is not normal.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
A POP3 server is rarely an SMTP server unless it's pop auth before smtp.
ASKER
The operating system of the machine running the mail server software is Windows 10. The server software is https://www.icewarp.com. We have been running this configuration for 15 years without issue.
In the web hosting account is one catchall mailbox. The pop3 mail server checks that mailbox every minute for mail then downloads it and the mail server software takes care of distributing the mail to the user mailboxes. When a user sends an email the mail server software using the SMTP server info for the SMTP server that is part of our hosting account.
In the web hosting account is one catchall mailbox. The pop3 mail server checks that mailbox every minute for mail then downloads it and the mail server software takes care of distributing the mail to the user mailboxes. When a user sends an email the mail server software using the SMTP server info for the SMTP server that is part of our hosting account.
Moving forward, worthy to review the hardening is verified
https://esupport.icewarp.com/index.php?/Knowledgebase/Article/View/257/6/securing-your-icewarp-server
https://esupport.icewarp.com/index.php?/Knowledgebase/Article/View/257/6/securing-your-icewarp-server
Some good guidance https://support.microsoft.com/en-us/kb/324958