Server being used for spam? (Full Version)

All Forums >> [Microsoft Exchange 2000] >> Server Security



Message


Hellbore -> Server being used for spam? (13.Jun.2003 2:44:00 AM)

Lately our Exchange server has been being hit by LOTS of spammers. It's an Exchange 2000 version 6 server with the latest updates... This is how they are getting around the security:

Say our email domain is ourdomain.com and the person they are trying to spam is victim@isp.com

They send a message like this:

mail from: whoever@whatever.com
rcpt to: <victim%isp.com@ourdomain.com>

Our stupid server thinks the email is supposed to be for ourdomain.com but SOMEHOW it actually gets delivered to victim@isp.com ! The % gets turned into a @ or something.

Anyone know how I can stop this from happening? It seems to be a common exploit, because my friend who is running the latest version of Post.Office (a different email server) has the SAME vulnerability on his machine!




brianfrazer -> RE: Server being used for spam? (2.Jul.2003 5:44:00 PM)

Sounds like you need to set your relay option to not allow relaying. If you have users that need to send from home through your server then you can allow authenticated users to relay, but you will need to set the security on their off-site machines or they will be denied as well.

Hope this helps..........Brian




Page: [1]