Question : General Spam questions
I am getting several undeliverable notifications in several users' inboxes recently. There is clearly a spam problem going on and I am not sure of what was breached. The problem was really noticeable yesterday and I have already done the following.
Tested for open relay on Exchange 2000. It is not an open relay. I went through a similar article on this website and found a link to an MS webcast on how to ensure that the default settings were in place. I also changed my SMTP connector settings to forward all msgs to a fake IP address, and to hold everything until midnight so that I could flush out the bad messages that were showing up (as shown on another webcast on the same post). Once flushed, I put those settings back to normal. I updated my virus definitions and scanned my server, as well as a couple of the client PCs in question, and came up with no viruses. All of this was done after hours yesterday. Today I come in and I am still getting undeliverable notifications!
Now I can deal with incoming spam, but I HAVE to get rid of this outgoing spam as it is having a significant impact on the organization. What backdoor do I have open for the spammers to go through? My open relay test is as follows:
HELO ortest.checkor.com
* 250 server.domain.com Hello [204.16.252.112]
RSET
250 2.0.0 Resetting
MAIL FROM: [email protected]
250 2.1.0 [email protected] OK
RCPT TO: [email protected]
550 5.7.1 Unable to relay for [email protected]
--------------------------------------------------------------------------------
RSET
250 2.0.0 Resetting
MAIL FROM:
501 5.5.4 Invalid Address
RCPT TO: [email protected]
503 5.5.2 Need Mail From: first
--------------------------------------------------------------------------------
RSET
250 2.0.0 Resetting
MAIL FROM: [email protected]
250 2.1.0 [email protected] OK
RCPT TO: [email protected]
550 5.7.1 Unable to relay for [email protected]
--------------------------------------------------------------------------------
RSET
250 2.0.0 Resetting
MAIL FROM: [email protected]
250 2.1.0 [email protected] OK
RCPT TO: [email protected]
550 5.7.1 Unable to relay for [email protected]
--------------------------------------------------------------------------------
RSET
250 2.0.0 Resetting
MAIL FROM: [email protected]
250 2.1.0 [email protected] OK
RCPT TO: [email protected]
550 5.7.1 Unable to relay for [email protected]
--------------------------------------------------------------------------------
RSET
250 2.0.0 Resetting
MAIL FROM: [email protected]
250 2.1.0 [email protected] OK
RCPT TO: "[email protected]"@75.xxx.xxx.xx
550 5.7.1 Unable to relay for "[email protected]"@75.xxx.xxx.xx
--------------------------------------------------------------------------------
RSET
250 2.0.0 Resetting
MAIL FROM: [email protected]
250 2.1.0 [email protected] OK
RCPT TO: @75.xxx.xxx.xx:spamtest@checkor.com
550 5.7.1 Unable to relay for [email protected]
Answer : General Spam questions
Question PAQ'd, 500 points refunded, and stored in the solution database.
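A relay-test transcript like the one in the question can be checked mechanically instead of by eye. The following is an added example, not part of the original post: it splits a transcript on RSET and reports, per test, whether the server refused the relay. The sample transcript, its addresses and the third (accepted) case are constructed for illustration.

```python
import re

REPLY = re.compile(r"^(\d{3})[ -]")   # SMTP reply line starts with a 3-digit code
COMMAND = re.compile(r"^(HELO|EHLO|RSET|MAIL FROM|RCPT TO)\b", re.I)

# Constructed sample in the same shape as the question's test output;
# host names and addresses are placeholders, not values from the page.
SAMPLE = """\
RSET
250 2.0.0 Resetting
MAIL FROM:<spamtest@example.net>
250 2.1.0 spamtest@example.net....Sender OK
RCPT TO:<relaytest@example.org>
550 5.7.1 Unable to relay for relaytest@example.org
RSET
250 2.0.0 Resetting
MAIL FROM:
501 5.5.4 Invalid Address
RCPT TO:<relaytest@example.org>
503 5.5.2 Need Mail From: first
RSET
250 2.0.0 Resetting
MAIL FROM:<spamtest@example.net>
250 2.1.0 spamtest@example.net....Sender OK
RCPT TO:<"relaytest@example.org"@192.0.2.10>
250 2.1.5 "relaytest@example.org"@192.0.2.10
"""

def classify(codes):
    """Map the MAIL FROM / RCPT TO reply codes of one test to a verdict."""
    mail, rcpt = codes.get("MAIL FROM"), codes.get("RCPT TO")
    if rcpt is not None and 200 <= rcpt < 300:
        return "RELAY ACCEPTED"      # server took a foreign recipient
    if mail is not None and mail >= 500:
        return "sender rejected"     # test never reached the relay check
    if rcpt is not None and rcpt >= 500:
        return "relay refused"
    return "inconclusive"

def relay_verdicts(transcript):
    """Return one verdict per RSET-delimited test; wrapped lines are ignored."""
    tests, last_cmd = [], None
    for raw in transcript.splitlines():
        line = raw.strip().lstrip("* ")
        reply, cmd = REPLY.match(line), COMMAND.match(line)
        if reply:                    # reply belongs to the most recent command
            if tests and last_cmd in ("MAIL FROM", "RCPT TO"):
                tests[-1].setdefault(last_cmd, int(reply.group(1)))
            last_cmd = None
        elif cmd:
            last_cmd = cmd.group(1).upper()
            if last_cmd == "RSET":
                tests.append({})
    return [classify(t) for t in tests]
```

Any `RELAY ACCEPTED` verdict means the server accepted a recipient outside its own domains for an unauthenticated sender; every test shown in the question ends in a 5xx refusal.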