RE: OWA and spammers

  • From: "josephk" <josephk@xxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 15 Sep 2004 16:07:51 -0700

Hi there,

I finally have it setup.

I have my SMTP mail coming in via one line and going to a forwarder that
then
Sends to my backend EXCHANGE box. Things are authenticated between the
forwarder and
The exchange box.  When I send out from exchange, exchange sends to a
forwarder on an outgoing line
And that sends out the mail. Seems to work for both OWA and standard
SMTP.

A test link can be used to help test: http://www.zoneedit.com/smtp.html

Thank you,

Joseph

-----Original Message-----
From: G. Waleed Kavalec [mailto:Kavalec@xxxxxxxx] 
Sent: Wednesday, September 15, 2004 4:03 PM
To: [ISAserver.org Discussion List]
Subject: FW: OWA and spammers



> It sounds more like you're saying that when you
> published OWA, your ISA server started getting
> used as an open proxy by spammers.


Yes. You phrased it much better than I did.

And as to ISA vs Exchange lists... That is part of the mystery.

My ISP is overworked at the moment, and no longer has the complaining
emails, but the problem went away when I turned OWA publishing off.

CC'ing my favorite ISA list.

   ----------------------------
   G. Waleed Kavalec
   Baca, Stein, White and Associates
   281-342-2646
 


-----Original Message-----
From: Tom Meunier [mailto:tmeunier@xxxxxxxxx] 
Sent: Tuesday, September 14, 2004 8:51 AM
To: MS-Exchange Admin Issues
Subject: Re: OWA and spammers


Howdy Waleed,

I'm not sure your terminology is accurately conveying what happened. 
It sounds more like you're saying that when you published OWA, your ISA
server started getting used as an open proxy by spammers.

What evidence did your ISP provide?  From what machine did the spam
originate?  My guess is that this is a question for an ISA list
(although there's probably some good non-me ISA expertise here also)

-- 
-tom


----- Original Message -----
From: G. Waleed Kavalec <kavalec@xxxxxxxx>
Date: Tue, 14 Sep 2004 08:45:23 -0500
Subject: OWA and spammers
To: MS-Exchange Admin Issues <exchangelist@xxxxxxxxxxxxxxxxxxxxxxxxxx>



I had one person out sick who wanted access to their email (bedridden
and bored).

So I turned on OWA and ran the OWA publication wizard on our MS-ISA
firewall. Couple of tweaks and it was up.

Two days later our ISP tells me we are spamming. SLAM!  I shut down OWA
and the problem stops.

So... The next time I want to turn this beast on, what do I need to look
for?  What "hole" in OWA makes this possible?

~ NEW: SNSI V1.5: Security Scan by IP, Port or Service - Multiplatform ~
 ~          <http://www.sunbelt-software.com/product.cfm?id=987>
~

~ NEW: SNSI V1.5: Security Scan by IP, Port or Service - Multiplatform ~
 ~          <http://www.sunbelt-software.com/product.cfm?id=987>
~

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 09-2004