Re: SMTP queue problem (SPAM!!!)

  • From: Danny <nocmonkey@xxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Thu, 9 Sep 2004 11:36:55 -0400

On Thu, 9 Sep 2004 10:23:52 -0600, António Vasconcelos
<antonio.vasconcelos@xxxxxxxxxxx> wrote:
> Hello.
> My name is António and I recently moved to a new job.
> All the structure was already setup. It contains (just for visualization,
> heheh :P) a Nokia Firewall, a ISA Server, Active Directory and Exchange
> Server 2000 (all the servers with Windows 2000).

With this type of infrastructure, your company can afford to have up
to date and centrally managed anti-virus software. Do you have this in

> I have tested many times the open relay at the Exchange and all the
> results were negative (Open Relay is closed).
> I also read an article about SMTP Authority problem, and altered the
> internal password policy to solve that problem.
> Even tough, a have a great problem at the SMTP protocol. I keep receiving
> thousands of SPAM messages in several domains (such as,,
> etc., and note that I freezed the majoity), and every day, new domains get
> in queue list with retry status carring SPAM messages.
> I don´t know waht more to do. I have Mcafee SpamKiller installed and he
> works fine to me... Is it possible to be a internal computer to be doing
> this? Please help me... I'm stuck in this, and I'm losing all the hope in
> Microsoft.

1) Scan all network connected devices for viruses, worms, malicious code, etc.
2) Do you have Exchange-aware AV software running on the Exchange
server? If not, do so.
3) Do you have strong passwords protecting all AD accounts? It could
be a comprised account if your SMTP relay is based on authentication.

We can go to the next steps once we have the aforementioned stuff addressed.


Other related posts: