Spam Engine?

Spam Engine? (Full Version)

All Forums >> [Microsoft Exchange 2003] >> Server Security

Message

Guest -> Spam Engine? (4.Dec.2003 4:39:00 PM)
I have a remote exchange 2000 server at a client site which keeps receiving rejected replies from other domains. Tt seems apparent that invalid users are sending spam type e-mail through the smtp sever. I believe we have verified that smtp relay is off using telenet to test using an invalid account. is there any possibility tthat SMTP is still relaying or is there some type of viral or adware activity which could be running a spam engine on one of the machines? Any help would be appreciated.

gurra -> RE: Spam Engine? (10.Dec.2003 10:47:00 PM)
Hi rage, If you want to find out wether there are any processes running on your Exchange box (that shouldn't be running)don't use taskmanager for this purpose,it uses to much CPU and is unreliable.Instead you should use a toll called Process Explorer,great tool,only need to execute(no install)it's small and doesn't use half the CPU as taskmanager,you'll find it here: http://www.sysinternals.com/ntw2k/freeware/procexp.shtml In any other case you should run netstat from your Exchange box to see how the traffic flows e.g (netstat -a -n \| more) or use a network sniffer called ethereal,download it from insecure.org.Another thing you could do is to enable the inbuilt firewall on the Exchange box,be sure to permit traffic on port 25 and possible 443 if you run OWA 2003 over SSL,you could permit port 80 as well but for security reasons I advice you not too,those rules are predefined in the firewall so it shouldn't be that hard.Best of luck ! Leifi

Page: [1]