• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

FBI Director Robert S. Mueller<info@fbi.gov> SPAM attack

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2003] >> Server Security >> FBI Director Robert S. Mueller<info@fbi.gov> SPAM attack Page: [1]
Login
Message << Older Topic   Newer Topic >>
FBI Director Robert S. Mueller<info@fbi.gov> SPAM... - 27.Oct.2010 12:12:16 PM   
berryguru

 

Posts: 52
Joined: 18.Feb.2010
Status: offline
Our Exchange server is currently sending out spam on behalf of FBI Director Robert S. Mueller, III <info@fbi.gov> and Mrs.Rosalyn Higgins <info@fbi.gov>.  The server currently has 7800 messages in the queue.

The server is not acting as a relay, and we've updated the server with the latest patches.  The queue has been cleared out once manually by booting it into safe mode and clearing he queue.  But first thing the next morning that queue is packed again.  I pulled the logs and found the following:
-The client hostname comes up as 'user'
-The client IP address shows as 207.210.97.47
-Sender address info@fbi.gov

Another interesting thing I found was I installed an application called 'Exchange User Monitor which shows me the User name, Packets, Operations, CPU %, Avg. Server Latency, Bytes In, Bytes Out, and Client Versions.  I see one user that is blank but reveals all information from the montor (ie packets, cpu% ect...).  I found that very odd and wonder if it has anything to do with this hidden 'user' that is spamming.

So my question is has anybody been hit with FBI spam issue?  And have any advice on what to do at this point?  The email addresses don't even appear to be valid.  I mean at this point what can one do?  I've already blocked the IP address, but that's merely a band-aid.

~berry
Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2003] >> Server Security >> FBI Director Robert S. Mueller<info@fbi.gov> SPAM attack Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter