Emails from Domain blocked by Anti-Spam programs

By Aravinds1611 ·
Dear Reader,

Recently, our domain at workplace had been receiving large numbers of SPAM/Junk emails. Each and every user in the network would receive upto 10-20 SPAM emails a day.

Lately, we found that legitimate emails from our domain do not reach clients and contacts in other domains. Emails from our domains are blocked by programs like Spamcop and Spamhaus etc.

These have blocked the IP address of our domain from which the emails originate.

My lead suspected that a Trojan Horse might be residing in our network and sending SPAM emails.

We completely scanned[SAV version 10.0] all the workstations and found no malicious activity. We have started using Spybot to check if any Spyware is present.

Kindly help me in addressing this issue and where we should start our work in fixing this.

Thank you for your time and suggestion.

Best Regards,

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Using Fport to Check for Trojan Horses

A trojan horse or spyware operates by running on your computer and opening a communication port (TCP port) to communicate with the remote hacker, so he or she can ?spy? on your computer. The easiest way to detect this activity is to look at the ports opened on your computer by using the built-in DOS function netstat. At the DOS prompt, type this command with the switch ?-a?, (i.e. ?netstat -a?) to look for the ports opened on your computer.

If you have no idea what ports are usually related to a trojan horse, you can do a search on any search engine for the term ?common trojan horse ports?. Here are two of the reference sites I?ve found:

If you still have a hard time decoding the lists from these reference sites, you can use a handy program called ?fport?. Download this here:

This program helps match your opening ports with the programs in your computer. This is easier way to locate a particular suspicious program in your computer to uncover any potential spyware residing on your computer.

Please note that since this is a command mode program, you need to bring up a command prompt window by choosing Start ==> Run and then type in the command ?cmd? in the ?Run? window. Next, type in the exact path of the program. For example, if you have installed the program under c:\, type in c:\fport to run it. The program will create a list of programs associated with your computer under inspection. If you have difficulty comprehending a long list of ports on the command prompt window, you can tell the program to redirect the outputs to a text file for printing and later analysis. You can do this by typing, for instance, ?c:\fport > c:\output.txt? to create a file named ?output.txt? on your c drive.

This is a handy tool for running an inspection on your computer to detect any possible hacker?s attack. I recommend that you use it regularly ? it?s to your benefit.

Tags: Trojan Horse Removal, Popular Trojan Horse Port List:

Please post back if you have any more problems or questions.
If this information is useful, please mark as helpful. Thanks.

Related Discussions

Related Forums