Outside.com to Outside.com - Spam & Phishing Schemes - Blacklist I

TheMSsForum.com: The Microsoft Software Forum

Our Exchange Server is transferring messages with the SMTP connector from
onlineservice@bankofamerica.com to recipients outside our domain.

Thanks,
Bedub
Top

Re: Outside.com to Outside.com - Spam & Phishing Schemes - Blacklist I by Mark

Mark
Wed Feb 07 01:37:16 CST 2007

On Tue, 6 Feb 2007 21:33:01 -0800, Bedub1
<Bedub1@discussions.microsoft.com> wrote:

>Our Exchange Server is transferring messages with the SMTP connector from
>onlineservice@bankofamerica.com to recipients outside our domain.
>
>Thanks,
>Bedub

Are you sure it's just not trying to send non delivery messages back
to the alleged (obviously not actual) senders of the message?
If you think you're relaying you will be seeing queues to a lot more
than this one domain, a common spamming/phishing target.
Top

Re: Outside.com to Outside.com - Spam & Phishing Schemes - Blacklist I by Bedub1

Bedub1
Wed Feb 07 10:47:49 CST 2007

Mark,

Thanks for the response. Please let me try to provide a detailed
explanation.

I would like our mail server to process mail as follows:

incoming: Allow * From * to mydomain.com Symantec Mail Security
for Exchange will delete incoming Spam
Ougoing: Allow * From mydomain.com to * We won't perform
outbound spam filtering
not me: Block * from notmydomain.com to notmydomain.com

We had about 10 mail messages, with 10 recipents per message, from
service@bofa.com, with targets spread through hotmail, aol, myspace,
colleges, etc. all alphabeticall... Bam1@aol.com, bam2@hotmail.com,
bammam@yahoo.com, band23@msn.com, etc.....

We also have about 500 delay-NDR messages outbound for service@bofa.com.

How do I prevent the server from sending NDR and Delay notifications to
recipients outside mydomain.com?

What settings apply to inbound SMTP connections, and which settings apply to
outbound? Is it possible to think of exchange in terms of Traffic Flow like
a firewall or router/switch?

Whats the best book to read for Small Business, non-clustering, single
server deployment sitiuations? I checked out the Exchange Server Cookbook,
then the Exchange 2003 Microsoft Certification Book....but I haven't been
impressed really.

We have started showing up on blacklists for spammers...
This started because the server was an open relay. I have since closed that
down...but it appears they found another way in. Once I fix this I plan to
IP hop...but first I have to stop them from getting in...i can run but I
can't hide so I need to fortify.

Thanks
Bedub1




"Mark Arnold [MVP]" <mark@mvps.org> wrote in message
news:d90js292d5nvodm8kj5ft2ceabd3s455ju@4ax.com...
> On Tue, 6 Feb 2007 21:33:01 -0800, Bedub1
> <Bedub1@discussions.microsoft.com> wrote:
>
>>Our Exchange Server is transferring messages with the SMTP connector from
>>onlineservice@bankofamerica.com to recipients outside our domain.
>>
>>Thanks,
>>Bedub
>
> Are you sure it's just not trying to send non delivery messages back
> to the alleged (obviously not actual) senders of the message?
> If you think you're relaying you will be seeing queues to a lot more
> than this one domain, a common spamming/phishing target.


Top