Re: Problems with lots of spam appearing from inet@microsoft.com
From: Stuart Luscombe (stuart.luscombeNOSPAM_at_actifgroup.com)
Date: 12/15/04
- Next message: David M. Streb, MCSE: "Re: Best anti spam software for E2003"
- Previous message: Radovan Vojtek: "Re: Evalutaion to Full"
- In reply to: Stefan Engelbert: "Re: Problems with lots of spam appearing from inet@microsoft.com"
- Next in thread: pockettes: "Re: Problems with lots of spam appearing from inet@microsoft.com"
- Reply: pockettes: "Re: Problems with lots of spam appearing from inet@microsoft.com"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 15 Dec 2004 06:15:01 -0800
Hi,
Thanks for the response.
Unfortunatly, unplugging the server from the outside world isn't a viable
option right
now as various departments here need to be able to contact people overseas
on a
regular basis.
I have found out that this problem is most likely being caused by the Zafi-D
virus,
given that the contents of the e-mails match up to the description.
I assume when you say to look into the mime header to open the file stored
in the
badmail directory?? As if it is, I have done this and am only getting the IP
of our
mailserver show up. I can see the failure reports in the queue, but not the
incoming
messages, so this maybe why I cannot see them. If so, how can I catch the
original
messages as they are coming in before the server tries to bounce them back?
"Stefan Engelbert" wrote:
> First of all I would unplug the network. Otherwise u soon have thousands of
> mails
> in the queue.
> Then I would check/find out the sending IP Number of that mail. You can look
> into
> the mime theader of these mails.
> Then you add these IPs either to your firewall or to your virtual server
> filter.
> Ideally you would also look for an AntiSPAM Solution which can deal with
> your problem like rejecting or not accepting these connections.
> Stefan
>
>
> "Stuart Luscombe" <stuart.luscombeNOSPAM@actifgroup.com> wrote in message
> news:4BA1049C-AB75-40C4-B7BF-754AF6D94287@microsoft.com...
> > Hi everyone,
> >
> > I'm running a single exchange 2000 server for my employer and over the
> past
> > few hours we have been getting a message from inet@microsoft.com which is
> > not actually directed at any one in the company. I'm sure it's not coming
> from
> > Microsoft at all, but I am receiving a new one to the queue every 10
> seconds
> > or
> > so. I would prefer to just block the address from having anything queue on
> the
> > server but cannot work out how to do this or setup a rule so that the mail
> > falls
> > into the same black hole I have setup for any NDR's that come in.
> >
> > Any ideas would be most appreciated, as the queue is currently at 575
> > messages and climbing every second.
> >
> > --
> > Stuart Luscombe
> > Systems Administrator
> > Actif Group plc
> > http://www.actifgroup.com
>
>
>
- Next message: David M. Streb, MCSE: "Re: Best anti spam software for E2003"
- Previous message: Radovan Vojtek: "Re: Evalutaion to Full"
- In reply to: Stefan Engelbert: "Re: Problems with lots of spam appearing from inet@microsoft.com"
- Next in thread: pockettes: "Re: Problems with lots of spam appearing from inet@microsoft.com"
- Reply: pockettes: "Re: Problems with lots of spam appearing from inet@microsoft.com"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
