Wazoo Posted October 21, 2005 Share Posted October 21, 2005 Based on last "data point" entered (see post #21) .. am tagging this as Resolved. Congrats! Link to comment Share on other sites More sharing options...
TMG Posted October 21, 2005 Author Share Posted October 21, 2005 Based on last "data point" entered (see post #21) .. am tagging this as Resolved. Congrats! 34547[/snapback] Yep I believe the problem is resolved. It appeared to be a hijacked client machine on the LAN which was generating the spam mail. The machine was actually not even supposed to be on the network, it was sitting in a pile of decomissioned workstations ready for the bin, a couple of our employee's decided they still had a use for it so plugged it back in, even though the software was outdated and unpatched and it did not show on my anti virus network administration tool so I was unaware for a while that it was even on the network with outdated anti virus software. :angry: A scan on the troublesome PC revealed it was riddled with virus infections. I removed this workstation, blocked all outgoing port 25 traffic at the firewall except for the mail server address. I also tightened our mail server security a little but this was more of a preventative measure as the spam mail from this scenario was not using our network mail server(I could not find any reference to the mail in the mail server logs) Thanks for the help in tracking the problem down everyone. Link to comment Share on other sites More sharing options...
Merlyn Posted October 21, 2005 Share Posted October 21, 2005 It's always nice to see a responsible mail admin Link to comment Share on other sites More sharing options...
Jeff G. Posted October 21, 2005 Share Posted October 21, 2005 It's always nice to see a responsible mail admin 34557[/snapback] Yes, it sure is! Thanks for helping to protect the Internet, TMG! Link to comment Share on other sites More sharing options...
Wazoo Posted October 21, 2005 Share Posted October 21, 2005 Trying to shake that feeling that "a pile of decomissioned workstations ready for the bin" contains better hardware than what I'm using right now <g> And the "decommissioned" phrase doesn't necessarily fly that the hard drives would still be in place, useable ... ???? Link to comment Share on other sites More sharing options...
Jeff G. Posted October 21, 2005 Share Posted October 21, 2005 Trying to shake that feeling that "a pile of decomissioned workstations ready for the bin" contains better hardware than what I'm using right now <g>34590[/snapback] Me too. Link to comment Share on other sites More sharing options...
TMG Posted October 23, 2005 Author Share Posted October 23, 2005 Trying to shake that feeling that "a pile of decomissioned workstations ready for the bin" contains better hardware than what I'm using right now <g> And the "decommissioned" phrase doesn't necessarily fly that the hard drives would still be in place, useable ... ???? 34590[/snapback] Well actually, the 'bin' isnt entirely correct! These are workstations that arent up to the task of running our current applications anymore. Some of them get used for 'test' machines(we calibrate sceintific equipment and can use some of the older PC's as GPIB interfaces to the equipment), some of them with problems are kept for spare parts to maintain other older machines and usually the only ones that actually get thrown in the bin(unless any of the staff want them) are those that have been canabalised to fix other machines and are no longer worth the space they take up! We're a small family owned business so the IT budget isnt big! But we did just upgrade a bunch of PC's not long ago and the offending PC in this case was one they stole to use as a GPIB interface but the software hadnt been updated since it was removed from the network about 12 months ago. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.