Question

  • Creator
    Topic
  • #2149664

    Spamers are using me as a realy how do I prevent this????

    Locked

    by jsizer ·

    I have recently installed Exchange 2007 and I have noticed that in my message queue there is tons of messages that are trying to be sent through my server that are apparently SPAM. I have been searching and searching to find out how to fix this and I cannot quite understand. One article conflicts with another article and I cannot seem to find the appropriate solution and the microsoft documentation is less then understandable! ugh!

    Can someone please help me fix this. We did block port 25 in the firewall thinking that would resolve it but that didn’t fix it. They are still getting through and we don’t know how to plug the hole at this point.

    Thanks,

    Jennifer

All Answers

  • Author
    Replies
    • #2913616

      Clarifications

      by jsizer ·

      In reply to Spamers are using me as a realy how do I prevent this????

      Clarifications

    • #2913408

      Test first

      by jellimonsta ·

      In reply to Spamers are using me as a realy how do I prevent this????

      Firstly, you can test your Email server to ensure it is in fact a relay. Try this site…

      http://www.abuse.net/relay.html

      If you are, go to server configuration>hub transport, right click your receive connector(s) and ensure ‘anonymous’ is not selected.

      If not, it may be additional NDR traffic.

      If so, expand organization configuration>Hub transport>Remote domains>Right click the default and uncheck ‘allow non delivery reports’.

      Regards.

    • #2913403

      Please check for malware

      by lyon_bleu ·

      In reply to Spamers are using me as a realy how do I prevent this????

      After hardening the server against inbound traffic, do you still see suspicious outbound traffic? The firewall may not offer much protection if there there is something on the LAN that is inviting the messages to be forwarded from within.

      • #2917228

        HOW DO I LOOK FOR MALWARE????

        by jsizer ·

        In reply to Please check for malware

        I need to know how can I scan my network for something that would be allowing the traffic through?

        Jenn

        • #2917205

          A sniffer will tell you

          by cmiller5400 ·

          In reply to HOW DO I LOOK FOR MALWARE????

          A packet sniffer will tell you what you want to know. If you do not know what it is, you may want to get a professional in to find out what is going on.

          Other than that, a scan of all servers/workstations may be in order. make sure that they are up to date on their antivirus software and you can run [url=http://www.safer-networking.org]Spybot S&D[/url] to scan for malware.

          Good Luck!!

        • #2917172

          malware

          by ray4ctech ·

          In reply to A sniffer will tell you

          I had jsut found 2 of my coputers in the field. They kept getting a pop-up that said there computer was infected by and named antivirus 2008. I did a quick google on it and found a utility called spyware doctor. I installed it and ran it and was able to remove it quickly.

        • #2917195

          Go through the list

          by jdclyde ·

          In reply to HOW DO I LOOK FOR MALWARE????

          First, make sure your server is fully patched.

          Make sure your AntiVirus is up-to-date and running daily.

          Run AdAware by lavasoft.
          Run the spyware detector by AVG.
          S&D
          shreader
          stinger

          If you still suspect an infection, take the system down and run the scans in safe mode.

          Turn off mail relay on your server.

          Change the root passwords, just in case you have been compromised.

          Let us know how that works out for you.

          jd

        • #2917164

          HOW DO I TURN OFF MAIL RELAY

          by jsizer ·

          In reply to Go through the list

          I hear what you are saying and that is part of the issue. I am not sure how to turn off mail relay. I am new to Exchange 2007 so I am just not sure what I have to do to get this stopped…

        • #2917148
        • #2917134

          And of course

          by jdclyde ·

          In reply to Here

          don’t forget to mark posts as helpful if they were.

          A little credit given where credit due, huh? 😀

        • #2917109

          “Jammie ….. ” springs to mind. ;)

          by older mycroft ·

          In reply to And of course

          .

Viewing 2 reply threads