|
farisnt -> I am Sinking with SPAM .. HEELP (20.Dec.2006 3:59:30 PM)
|
HI
my Network is sinking with SPAM every day there is more than 100 SPAM Email reach to my network
I have Windows 2003 Service Pack1 have Exchange Server 2003 Service Pack2
There is Windows 2003 Service Pack1 that had ISA 2004 Service Pack2
There is Windows 2003 Service pack1 that had POPcon that download the Emails from another webhsot
I have Intelligent Message Filter that is configured and Trend Mail Scan that have the SPAM Protection up to High
but I am still having problem with SPAM
SPAM are reaching from Several Account name and some mails are from other brunches .. but they are
SPAM
I thought that there is a SPAM Server that is sending a mails to the network...
I look in the Email Header and found that there are several Servers not one .. each message is comming from an IP
I have add some of these IP to the Deny List on the IMF .. I look for Spam servers on the internet and I found that there is more than 200 SPAM Server and I can not add every
thing. and make them as a SPAM ..
I hope that there is any one how can help me in this
These are some of the message header
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Microsoft Mail Internet Headers Version 2.0
Received: from exchange-pop3-connector.com ([192.168.1.254]) by mserver.msc-sy.com with Microsoft SMTPSVC(6.0.3790.0);
Tue, 19 Dec 2006 01:58:12 +0200
Return-path: <pamphletflung@absincorp.com>
Envelope-to: telexrelease@msc-sy.com
Delivery-date: Mon, 18 Dec 2006 18:51:37 -0500
Received: from msc by satellite.dnsprotect.com with local-bsmtp (Exim 4.52)
id 1GwSGa-0004ON-B9
for telexrelease@msc-sy.com; Mon, 18 Dec 2006 18:51:36 -0500
X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on
satellite.dnsprotect.com
X-Spam-Level: ***
X-Spam-Status: No, score=3.5 required=5.0 tests=BAYES_99 autolearn=no
version=3.1.7
Received: from [89.139.48.16] (helo=8bd68cc84d9b4b0)
by satellite.dnsprotect.com with esmtp (Exim 4.52)
id 1GwSGZ-0004Nb-Lx
for telexrelease@msc-sy.com; Mon, 18 Dec 2006 18:51:32 -0500
Received: from 70.103.241.142 (HELO smtp.absincorp.com)
by msc-sy.com with esmtp (DQ*)Y7L.4 @9UF3)
id -4H).9-T5='3)-P1
for telexrelease@msc-sy.com; Mon, 18 Dec 2006 23:51:45 -0120
From: "Lydia Kline" <pamphletflung@absincorp.com>
To: <telexrelease@msc-sy.com>
Subject: Lydia
Date: Mon, 18 Dec 2006 23:51:45 -0120
Message-ID: <01c722ff$7956e050$6c822ecf@pamphletflung>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Office Outlook, Build 11.0.6353
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1478
Thread-Index: Aca6Q--,J95Q>T2'=0,034GT98L9T2==
X-OriginalArrivalTime: 18 Dec 2006 23:58:12.0890 (UTC) FILETIME=[60798FA0:01C72300]
X-TM-AS-Product-Ver: SMEX-7.0.0.1499-3.6.1039-14882.000
X-TM-AS-Result: Yes-11.650600-4.000000-31
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Microsoft Mail Internet Headers Version 2.0
Received: from exchange-pop3-connector.com ([192.168.1.254]) by mserver.msc-sy.com with Microsoft SMTPSVC(6.0.3790.0);
Tue, 19 Dec 2006 03:29:02 +0200
Return-path: <bounce@taggedmail.com>
Envelope-to: rsuleiman@msc-sy.com
Delivery-date: Mon, 18 Dec 2006 20:24:57 -0500
Received: from msc by satellite.dnsprotect.com with local-bsmtp (Exim 4.52)
id 1GwTiu-0005Kv-Gn
for rsuleiman@msc-sy.com; Mon, 18 Dec 2006 20:24:57 -0500
X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on
satellite.dnsprotect.com
X-Spam-Level: *
X-Spam-Status: No, score=1.5 required=5.0 tests=BAYES_40,FORGED_YAHOO_RCVD,
HTML_90_100,HTML_IMAGE_ONLY_32,HTML_MESSAGE,MIME_HTML_ONLY,
RCVD_IN_BSP_TRUSTED,URIBL_OB_SURBL autolearn=ham version=3.1.7
Received: from [64.125.115.51] (helo=sfo-mta-05.taggedmail.com)
by satellite.dnsprotect.com with esmtp (Exim 4.52)
id 1GwTiu-0005KQ-6H
for rsuleiman@msc-sy.com; Mon, 18 Dec 2006 20:24:52 -0500
Received: from taggedmail.com (unknown [10.15.10.16])
by sfo-mta-05.taggedmail.com (Postfix) with ESMTP id 87B3DFC1D0
for <rsuleiman@msc-sy.com>; Mon, 18 Dec 2006 17:24:53 -0800 (PST)
Reply-to: Litton Yan <evertrust1999@yahoo.com>
X-Log-Id: 975032882
From: Litton Yan <evertrust1999@yahoo.com>
To: rsuleiman@msc-sy.com
Subject: Litton has Tagged you! :)
MIME-Version: 1.0
Accreditor: Habeas
X-Habeas-Report: Please report use of this mark in spam to <http://www.habeas.com/report/>
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <20061219012453.87B3DFC1D0@sfo-mta-05.taggedmail.com>
Date: Mon, 18 Dec 2006 17:24:53 -0800 (PST)
X-OriginalArrivalTime: 19 Dec 2006 01:29:03.0078 (UTC) FILETIME=[110A4060:01C7230D]
X-TM-AS-Product-Ver: SMEX-7.0.0.1499-3.6.1039-14882.000
X-TM-AS-Result: No--2.723700-4.000000-31
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Microsoft Mail Internet Headers Version 2.0
Received: from exchange-pop3-connector.com ([192.168.1.254]) by mserver.msc-sy.com with Microsoft SMTPSVC(6.0.3790.0);
Tue, 19 Dec 2006 00:30:22 +0200
Return-path: <tvandykeehek@centerforlivingart.com>
Envelope-to: dtx@msc-sy.com
Delivery-date: Mon, 18 Dec 2006 17:24:03 -0500
Received: from msc by satellite.dnsprotect.com with local-bsmtp (Exim 4.52)
id 1GwQtr-0004NQ-53
for dtx@msc-sy.com; Mon, 18 Dec 2006 17:24:03 -0500
X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on
satellite.dnsprotect.com
X-Spam-Level: ****
X-Spam-Status: No, score=4.9 required=5.0 tests=BAYES_99,EXTRA_MPART_TYPE,
HTML_30_40,HTML_MESSAGE autolearn=no version=3.1.7
Received: from [212.166.233.29] (helo=centerforlivingart.com)
by satellite.dnsprotect.com with smtp (Exim 4.52)
id 1GwQth-0004F7-FJ; Mon, 18 Dec 2006 17:23:58 -0500
Message-ID: <d62501c722cf$95c8d4d0$e4241856@tvandykeehek>
Reply-To: "Shonda Carr" <tvandykeehek@centerforlivingart.com>
From: "Shonda Carr" <tvandykeehek@centerforlivingart.com>
To: "Larry Watkins" <dtx@msc-sy.com>
Cc: "Enoch Phillips" <claim@msc-sy.com>,
"Cherlyn" <cptn.suleiman@msc-sy.com>,
"Lorita Mcdonald" <a-hajabdulkader@msc-sy.com>,
"Darnell Clark" <export@msc-sy.com>,
"Joline" <rsuleiman@msc-sy.com>
Subject: Im sorry
Date: Mon, 18 Dec 2006 18:08:56 -0400
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="----=_NextPart_33A_4C96_E3241B7A.8AF49380"
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4922.1500
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4922.1500
X-OriginalArrivalTime: 18 Dec 2006 22:30:22.0890 (UTC) FILETIME=[1B4F60A0:01C722F4]
X-TM-AS-Product-Ver: SMEX-7.0.0.1499-3.6.1039-14882.000
X-TM-AS-Result: No-3.872700-4.000000-31
------=_NextPart_33A_4C96_E3241B7A.8AF49380
Content-Type: multipart/alternative;
boundary="----=_NextPart_2CE_57FC_2AC4544D.546D6545"
------=_NextPart_2CE_57FC_2AC4544D.546D6545
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
------=_NextPart_2CE_57FC_2AC4544D.546D6545
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
------=_NextPart_2CE_57FC_2AC4544D.546D6545--
------=_NextPart_33A_4C96_E3241B7A.8AF49380
Content-Type: image/gif;
name="mogite.gif"
Content-Transfer-Encoding: base64
Content-ID: <db51201c722cf495c48f10203d25b1@tvandykeehek>
------=_NextPart_33A_4C96_E3241B7A.8AF49380--
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Microsoft Mail Internet Headers Version 2.0
Received: from exchange-pop3-connector.com ([192.168.1.254]) by mserver.msc-sy.com with Microsoft SMTPSVC(6.0.3790.0);
Mon, 18 Dec 2006 21:40:59 +0200
Return-path: <campgroundsgentrified@abg.ru>
Envelope-to: dtx@msc-sy.com
Delivery-date: Mon, 18 Dec 2006 14:38:23 -0500
Received: from msc by satellite.dnsprotect.com with local-bsmtp (Exim 4.52)
id 1GwOJS-0005JV-Ge
for dtx@msc-sy.com; Mon, 18 Dec 2006 14:38:22 -0500
X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on
satellite.dnsprotect.com
X-Spam-Level: ***
X-Spam-Status: No, score=4.0 required=5.0 tests=BAYES_99,DATE_IN_PAST_03_06
autolearn=no version=3.1.7
Received: from [66.97.203.99] (helo=saddleup-ddi9fm)
by satellite.dnsprotect.com with esmtp (Exim 4.52)
id 1GwOJS-0005Iy-29
for dtx@msc-sy.com; Mon, 18 Dec 2006 14:38:14 -0500
Received: from 217.16.16.81 (HELO mx1.masterhost.ru)
by msc-sy.com with esmtp (PWK=I21>S7 .Q4-8)
id G)H(,,-..Z6.0-R?
for dtx@msc-sy.com; Mon, 18 Dec 2006 19:38:19 +0480
From: "Brain Lloyd" <campgroundsgentrified@abg.ru>
To: <dtx@msc-sy.com>
Subject: Brain
Date: Mon, 18 Dec 2006 19:38:19 +0480
Message-ID: <01c722dc$11e29540$6c822ecf@campgroundsgentrified>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Windows-1252"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Office Outlook, Build 11.0.6353
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
Thread-Index: Aca6QV6+Q@4.(0--7RK83A9?6T5+5O==
X-OriginalArrivalTime: 18 Dec 2006 19:41:00.0125 (UTC) FILETIME=[71D480D0:01C722DC]
X-TM-AS-Product-Ver: SMEX-7.0.0.1499-3.6.1039-14880.002
X-TM-AS-Result: Yes-15.744800-4.000000-31
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
These are some of the header .. Hopfully some one can help
NOTE THAT THAT THE EXCHANGE IS NOT OPEN RELAY
|
|
|
|