Re: SMTP queue problem (SPAM!!!)
- From: António Vasconcelos <antonio.vasconcelos@xxxxxxxxxxx>
- To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
- Date: Thu, 09 Sep 2004 17:07:57 +0100
1) Scan all network connected devices for viruses, worms, malicious code,
etc.
--> Going to do this.
2) Do you have Exchange-aware AV software running on the Exchange
server? If not, do so.
--> I had installed Exchange Groupshield but had to unninstall it so I
could install SpamKiller for Excahnge, since I read in the manual that
both applications couldn´t run at the same server. For AV I have installed
in all servers and machines (not all, still updating them) the mcafee
VirusScan Enterprise 7.0.
3) Do you have strong passwords protecting all AD accounts? It could
be a comprised account if your SMTP relay is based on authentication.
--> I made the modification ( 7 characters minimum, special characters,
etc.) about a week ago but, the problem is that most of the users are at
vacations....
Thank you very much for your reply.
Best regards
Danny wrote:
http://www.MSExchange.org/
On Thu, 9 Sep 2004 10:23:52 -0600, António Vasconcelos
<antonio.vasconcelos@xxxxxxxxxxx> wrote:
http://www.MSExchange.org/
Hello.
My name is António and I recently moved to a new job.
All the structure was already setup. It contains (just for visualization,
heheh :P) a Nokia Firewall, a ISA Server, Active Directory and Exchange
Server 2000 (all the servers with Windows 2000).
With this type of infrastructure, your company can afford to have up
to date and centrally managed anti-virus software. Do you have this in
place?
I have tested many times the open relay at the Exchange and all the
results were negative (Open Relay is closed).
I also read an article about SMTP Authority problem, and altered the
internal password policy to solve that problem.
Even tough, a have a great problem at the SMTP protocol. I keep receiving
thousands of SPAM messages in several domains (such as aol.com, yahoo.com,
etc., and note that I freezed the majoity), and every day, new domains get
in queue list with retry status carring SPAM messages.
I don´t know waht more to do. I have Mcafee SpamKiller installed and he
works fine to me... Is it possible to be a internal computer to be doing
this? Please help me... I'm stuck in this, and I'm losing all the hope in
Microsoft.
1) Scan all network connected devices for viruses, worms, malicious code,
etc.
2) Do you have Exchange-aware AV software running on the Exchange
server? If not, do so.
3) Do you have strong passwords protecting all AD accounts? It could
be a comprised account if your SMTP relay is based on authentication.
We can go to the next steps once we have the aforementioned stuff addressed.
...D
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
antonio.vasconcelos@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
Other related posts:
