Microsoft
Software
Hardware
Network
Question : General Spam questions
I am getting several undeliverable notifications on several users inboxes recently. There is clearly a spam problem going on and i am not sure of what was breached. The problem was really noticeable yesterday and I have already done the following.
Tested for open relay on Exchange 2000. It is not an open relay. I went through a similar article on this website and found a link to a MS webcast on how to ensure that the default settings were in place. I also changed my smtp connector settings to forward all msgs to a fake IP address, and to hold everything until midnight so that i could flush out the bad messages that were showing up (as shown on another webcase on the same post). Once flushed i put those settings back to normal. I updated my virus definitions and scanned my server, as well as a couple of the client pcs in question, and came up with no viruses. All of this was done after hours yesterday. Today I come in and i am still getting undeliverable notifications!
Now i can deal with incoming spam, but I HAVE to get rid of this outgoing spam as it is having a significant impact on the orginization. What backdoor do i have open for the spammers to go through? My open relay test is as follows
HELO ortest.checkor.com
* 250 server.domain.com Hello [204.16.252.112]
RSET
250 2.0.0 Resetting
MAIL FROM:
[email protected]
250 2.1.0
[email protected]
OK
RCPT TO:
[email protected]
550 5.7.1 Unable to relay for
[email protected]
--------------------------
----------
----------
----------
----------
----------
----
RSET
250 2.0.0 Resetting
MAIL FROM:
501 5.5.4 Invalid Address
RCPT TO:
[email protected]
503 5.5.2 Need Mail From: first
--------------------------
----------
----------
----------
----------
----------
----
RSET
250 2.0.0 Resetting
MAIL FROM:
[email protected]
250 2.1.0
[email protected]
er OK
RCPT TO:
[email protected]
550 5.7.1 Unable to relay for
[email protected]
--------------------------
----------
----------
----------
----------
----------
----
RSET
250 2.0.0 Resetting
MAIL FROM:
[email protected]
250 2.1.0
[email protected]
er OK
RCPT TO:
[email protected]
550 5.7.1 Unable to relay for
[email protected]
--------------------------
----------
----------
----------
----------
----------
----
RSET
250 2.0.0 Resetting
MAIL FROM:
[email protected]
250 2.1.0
[email protected]
er OK
RCPT TO:
[email protected]
550 5.7.1 Unable to relay for
[email protected]
--------------------------
----------
----------
----------
----------
----------
----
RSET
250 2.0.0 Resetting
MAIL FROM:
[email protected]
250 2.1.0
[email protected]
er OK
RCPT TO: "
[email protected]
"@75.xxx.xx
x.xx
550 5.7.1 Unable to relay for "
[email protected]
"@75.xxx.xx
x.xx
--------------------------
----------
----------
----------
----------
----------
----
RSET
250 2.0.0 Resetting
MAIL FROM:
[email protected]
250 2.1.0
[email protected]
er OK
RCPT TO: @75.xxx.xxx.xx:spamtest@ch
eckor.com
550 5.7.1 Unable to relay for
[email protected]
Answer : General Spam questions
Question PAQ'd, 500 points refunded, and stored in the solution database.
Random Solutions
Help with wpad script
VPN connection issue with Comcast
Outlook is unable to connect to your outgoing (SMTP) e-mail server. (0x80042109)
How To Exclude a Folder from Compact Task
My system log is being filled up with this error: WINS encountered a JET error - Event ID 4224
Linksys Router and AOL DSL?
Event 3034
Amount of bandwidth needed
Conflicts using one or more SMTP Connectors in Exchange
Cisco Aironet (1130/1200 Series) Multiple SSID / VLAN issue
