PC Magazine's Editors Choice & Top Pick for the SMB
How it worksFree TrialVIP RewardsCompare all vq Products
Company Products Features Partners Support The Lab Contact Us Home
 Vanquish Forum Index  FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Resume outgoing mail after spam sent from your server

 
Post new topic   Reply to topic    Vanquish Forum Index -> vqSA/vqNow Admin Community
View previous topic :: View next topic  
Author Message
--VQ--
Site Admin


Joined: 06 Jan 2003
Posts: 590

PostPosted: Thu Sep 04, 2008 8:01 am    Post subject: Resume outgoing mail after spam sent from your server Reply with quote

Question:
My mail server was blocked from sending through vqNow after Spam was relayed from here. How can I resume sending?

Answer:
You can send immediately, by routing outboing mail directly onto the internet rather than relaying through the vqNow security server. To do this, remove the relay setting on your mail server (on Exchange, reset the Smart Host or SMTP Connector)...But we don't recommend that you do this until you have located the virus or security breech that caused your server to issue spam in the first place!

Here are the steps to fix the problem at your end and to remove your outgoing email restrictions:

1. First, block the IP address from which the spammer is gaining access to your mail server. To determine the IP address, inspect the headers of a few spam emails within your own server. This will also tell you if the spammer is authenticating as a user or if he is just relaying through your server.

2. Next, determine how the spam is entering your server so that your response is appropriate to the breech. That means that you must either detect the virus that is sending from within your organization (check every PC and the mail server) -or- determine the user password that is being used by an outside spammer to authenticate.

Note: If you are not requiring individual user authentication, then you are operating an open relay. This may be the source of your problem.

3. Next, cut off the spammer by responding with the action that is appropriate. You must either:
  • Shut down your open relay - if you have one
  • Remove the virus (and running AV and Antispyware on all PCs and servers)
  • Change the user password that has leaked
4. Finally, you must contact Vanquish to resume your trusted IP relay. For this, you must complete steps 1,2,3. We cannot resume outgoing mail privileges until you are certain that the virus or leaked password has been removed from your entire network.

Use this form to request the restoration of your sending privileges. Remind our technician to re-enable 3 things. (Depending upon the severity of your situation, we may have blocked one or more of these things:
  • Remove SMORF block
  • Re-authorize trusted IP relay
  • Check for IP range exclusion
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Vanquish Forum Index -> vqSA/vqNow Admin Community All times are GMT - 4 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2003 phpBB Group