Block chinese characters??? RSS

1

One user on our domain is receiving hundreds of spam emails. I have added his email to the senders blacklist but they are still coming through??

Version: 4.4 REGISTERED
Log Mode: Verbose
Server:
Source: SMTPSVC-1
Time: 5/23/2011 1:17:33 PM
Class: System Message
Severity: Information
Actions: (not available)
Filtering Point: Non-filtering
HELO/EHLO Domain: (not available)
Related IP Address: 65.54.188.72
Message ID: (not available)
Email Subject: mgo1--高 级 秘 书、助 理 和 行 政 人 员 技 能 提 高 训 练 营Ё
Sender:
Recipient(s):
*
*
*
*
*
*
*
*
*
Message:
Added "" to the Auto Sender Whitelist.

by mark rosenbaum 7 years ago
2

@mark rosenbaum: The senders name is a user on our domain and he is using a MAC

by mark rosenbaum 7 years ago
(in reply to this post)

3

@mark rosenbaum: According to the log message, this is an outgoing email relayed thru your server, which ORF will not filter (it is designed to filter incoming emails only). Most likely, a spammer has the username/password combination of this user and using this account to relay spam out using your server. I strongly suggest changing the password of this account immediately and make sure you allow only authenticated users to relay.

by Krisztian Fekete (Vamsoft) 7 years ago
(in reply to this post)

4

@Krisztian Fekete (Vamsoft): changed password and it is still happening

by mark rosenbaum 7 years ago
(in reply to this post)

5

Disabled account in active directories and the messages are still coming through???

by mark rosenbaum 7 years ago
6

@mark rosenbaum: If disabling the account won't stop it, that could mean the spammer is able to relay without authentication. Are you sure relaying restricted to authenticated users only?

See these articles:

http://www.petri.co.il/preventing_exchange_2000_2003_from_relaying.htm

http://support.microsoft.com/?id=324285

by Krisztian Fekete (Vamsoft) 7 years ago
(in reply to this post)

New comment

Fill in the form below to add a new comment. All fields are required. If you are a registered user on our site, please sign in first.

Nickname:
Email address (will not be published):
Your comment:

ORF Technical Support

Configuring, installing and troubleshooting ORF.

News & Announcements

Your dose of ORF-related news and announcements.

Everything but ORF

Discuss Exchange and system administration with fellow admins.

Feature Test Program

Feature Test Program discussion. Membership is required to visit this forum.

ORF Beta

Join the great bug hunt of the latest test release.

Customer Service

Stay Informed