Jump to content

jkee

Members
  • Content Count

    10
  • Joined

  • Last visited

Community Reputation

0 Neutral

About jkee

  • Rank
    Member
  1. jkee

    Can't seem to find problem

    thanks, i think bringing in the outside consultant is the way to go, we're spending more time (=money) researching this than it would probably take someone to come in and look at. thanks again to everyone, on the pros..
  2. jkee

    Can't seem to find problem

    On the default smtp virtual server, I unchecked the boxes for integrated windows authentication and basic windows authentication and it seemed fine, but all of a sudden all of my users were unable to send emails. I have since rechecked the boxes and it's enabled sending, any ideas? Thanks
  3. jkee

    Can't seem to find problem

    Does that mean that the traffic has increased that much in the past day? Meaning everything I've done has actually done more harm than good?
  4. jkee

    Can't seem to find problem

    I did read those first two posts prior to posting, but why does Microsoft advise to keep the Basic Authentication and Integrated Windows Authentication checked? To be honest, you have all been very helpful, most forums get perhaps one response per day and this one has been outstanding (despite the subtle sarcasm)... I addressed the issue with the SMTP Auth hack, is there a way that you can check to see if things have died down. I am working on updating all of the passwords, but I know that's not going to be an overnight change. It will get done this week whether the users like it or not, but just curious to see if we've closed all of the potential loopholes. Thanks again.
  5. jkee

    Can't seem to find problem

    No, I knew it wasn't personal, it's just been frustrating dealing with all of this stuff and I know that I'm not equipped to manage this solution. I just have some rather high profile customers on the server that don't understand the spam listings very well and get easily angered when their email is rejected. I do appreciate everyone's help though and look forward to getting this resolved..
  6. jkee

    Can't seem to find problem

    Please don't take this the wrong way, all I am here for though is to seek help. I didn't ask for this situation, it was thrown at me (not optional here). I am going to take the next step and reset each user's password as recommended. If anyone can provide any further constructive help, I'd greatly appreciate it. Thanks to those of you that have helped..
  7. jkee

    Can't seem to find problem

    I apologize for my lack of knowledge, our Exchange admin left a few weeks ago and this was thrown on me. I am by no means an Exchange expert, I'm just trying to keep things afloat until a new Admin is hired. I spent the last week searching for Exchange exploits and "lockdown" policies that weren't currently being used. We were delisted from the PSBL blacklist, so I assumed we had taken a step in the direction. The reason we haven't reset each of the user's passwords is because there are approximately 400 users on the box which isn't that much, but these users would object to having to update all of their passwords on the client side. Where in the logs would I be able to decipher which user's have been compromised? Again, I do appreciate everyone's help, I'm sure you or someone you know has been in this spot before.
  8. jkee

    Can't seem to find problem

    does Perl need to be on the exchange server itself or can it be on a seperate server?
  9. jkee

    Can't seem to find problem

    Thanks for all of your help. Yes, I did scour the FAQ prior to posting as we've been at this for a week or so. After doing everything I could find in terms of locking down the server, my worst fear was that they were authenticating, but before I started making all of the users change their password, this was my last resort. Your help is greatly appreciated. I have gone ahead and changed the info user's password, is there a way that I can check this as you do? Thanks again for all of your help, hopefully this does it..
  10. We have an Exchange server (ip 208.9.211.11) that continues to get picked up by spamcop and other black lists and I cannot seem to find the problem. Below is a recent example of mail sent to another spamtrap. Any help is greatly appreciated. From polynomialplotters[at]excite.com Sat Oct 23 16:09:13 2004 Delivery-date: Sat, 23 Oct 2004 16:09:13 -0400 Received: from [208.9.211.11] (helo=mail3.wsolutions.net) by mail.victim.example with esmtp (Exim 4.41) id 1CLSCP-0006dM-Qw for psbltrap[at]kernelnewbies.nl; Sat, 23 Oct 2004 16:09:13 -0400 Received: from sashay ([200.140.36.124]) by mail3.wsolutions.net with Microsoft SMTPSVC(5.0.2195.6713); Sat, 23 Oct 2004 15:09:15 -0500 From: "Teresita Julian"<polynomialplotters[at]excite.com> To: psbltrap[at]kernelnewbies.nl Subject: VA1ll|UM, C|AI|I1S, Vl|AGRA. . . Mime-Version: 1.0 Date: 23 Oct 2004 15:09:18 -0500 http://[MUNGED] http://[MUNGED] http://[MUNGED] Cl|CK HERE KN0W MORE http://[MUNGED]/as#polis Thanks
×