should have worked better!
a
From: Glen Johnson [mailto:gjohn...@vhcc.edu]
Sent: 25 February 2012 14:11
To: MS-Exchange Admin Issues
Subject: RE: internal spam
Just an FYI.
If you allow OWA to the iinterweb, these scammers have scripts that can
spam via
-Exchange Admin Issues
Subject: RE: internal spam
The accounts have been compromised…usually via a phishing attempt. So the
entire process of the internal attack is with a valid authenticated acct. We
have our SMTP services set to be authenticated…the problem is looking for a
process that we
Admin Issues
Subject: RE: internal spam
You need to restrict which boxes are allowed to talk SMTP to your SMTP relays.
Should only be your exchange servers and a few other boxes, as needed.
It’s worth packet-sniffing the SNMP traffic to these boxes (which will identify
the spambots if they’re
, February 24, 2012 6:38 PM
To: MS-Exchange Admin Issues
Subject: RE: internal spam
The accounts have been compromised…usually via a phishing attempt. So the
entire process of the internal attack is with a valid authenticated acct. We
have our SMTP services set to be authenticated…the problem
Infrastructure Engineer
Hoople Ltd | Thorn Office Centre | Hereford HR2 6JT
Tel: 01432 260415 | Email: phil.ran...@hoopleltd.co.uk
From: Sharp, Kevin [mailto:kevin.sh...@usask.ca]
Sent: 24 February 2012 17:20
To: MS-Exchange Admin Issues
Subject: internal spam
I'm wondering how people are dealing
Maybe easier said than done if the clients are using POP.
From: Randal, Phil [mailto:phil.ran...@hoopleltd.co.uk]
Sent: Friday, February 24, 2012 11:30 AM
To: MS-Exchange Admin Issues
Subject: RE: internal spam
The devil's in the detail?
How are the infected boxes sending the emails? Via SMTP
, Kevin
[mailto:kevin.sh...@usask.ca]mailto:[mailto:kevin.sh...@usask.ca]
Sent: 24 February 2012 17:20
To: MS-Exchange Admin Issues
Subject: internal spam
I'm wondering how people are dealing with compromised accounts in Exchange
sending large volumes of email...essentially an internal spam attack
.
http://www.msexchange.org/articles_tutorials/exchange-server-2010/monitoring-operations/preventing-autoreply-storms-part1.html
From: Sharp, Kevin [mailto:kevin.sh...@usask.ca]
Sent: Friday, February 24, 2012 11:20 AM
To: MS-Exchange Admin Issues
Subject: internal spam
I'm wondering how people
that is a legit address?
From: Sharp, Kevin
Sent: Friday, February 24, 2012 12:19 PM
To: MS-Exchange Admin Issues
Subject: internal spam
I’m wondering how people are dealing with compromised accounts in Exchange
sending large volumes of email…essentially an internal spam attack
helped, but like any good phishing
attack, it only takes one bite to cause this problem.
Thanks
Kevin
From: Mike Tavares [mailto:miketava...@comcast.net]
Sent: Friday, February 24, 2012 4:26 PM
To: MS-Exchange Admin Issues
Subject: Re: internal spam
1 question just to clear up some confusion
10 matches
Mail list logo