I read the original post on bugtraq. He blames Microsoft, and he may have a point, but I can't blame the vendor without eliminating admin error first (yes, personal experience). This isn't a sendmail box. You don't just go into windows explorer and delete things.
William -----Original Message----- From: David N Precht [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 11, 2001 9:46 AM To: MS-Exchange Admin Issues Subject: RE: From NTbugtraq, but any thoughts for him ? William, I knew you or Martin, would come back with something like that. That is the precise reason I sent it ! (BTW, are you a comedian on the side or in a past life ?) Dave --- "Lefkovics, William" <[EMAIL PROTECTED]> wrote: > Yes. Hire an Exchange admin. > > > -----Original Message----- > From: David N Precht [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, December 11, 2001 9:38 AM > To: MS-Exchange Admin Issues > Subject: From NTbugtraq, but any thoughts for him ? > > > Team, > > I am trying to find out how someone managed to use > my > Exchange server as a relay for sending spam. I am > running Exchange 5.5 with service pack 4.0 . The > only > thing this Exchange server does is act as a relay > point for an application. This server sits behind a > firewall. I looked at the firewall ACL and found > that > the external IP address had SMTP traffic open to the > world. That answers the questions as to how they > managed to get SMTP access to the server. I have > since > blocked this ACL. > > What I don't understand is how MS Exchange Server > 5.5 > allowed the traffic to pass through? I specified by > host IP in Exchange what servers where allowed to > relay mail. How did someone manage to use my > Exchange > server to spam without being on the list of allowed > servers? I noticed that 10,000 e-mails were stuck in > the que and I could not delete them. I uninstalled > the > "Internet Mail" connector and re-installed, but the > backed up messages were still there? What directory > are these messages stored so I can delete them from > Windows Explorer? Any information provided is > greatly > appreciated. > > Thanks...JS > > __________________________________________________ > Do You Yahoo!? > Check out Yahoo! Shopping and Yahoo! Auctions for > all of > your unique holiday gifts! Buy at > http://shopping.yahoo.com > or bid at http://auctions.yahoo.com > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > __________________________________________________ Do You Yahoo!? Check out Yahoo! Shopping and Yahoo! Auctions for all of your unique holiday gifts! Buy at http://shopping.yahoo.com or bid at http://auctions.yahoo.com List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm