Compromised Server

This is the area for a general support questions, discussions and information that you can read and share. Post your experiences, stats and tricks and tips that are not covered elsewhere. Remember, for questions please search the FAQ first, as your question may already be answered.

Moderators: wizard, magicspam

Post Reply
raymondlee
Posts: 17
Joined: Thu Mar 05, 2009 1:11 pm
Contact:

Compromised Server

Post by raymondlee » Fri Jul 23, 2010 10:05 pm

On average there are about 5000 emails that are not spam that pass through our server, however a spike on the 21st showed that 211424 emails were not spam. [img]http://brainstormvideo.ca/raymond/statsjuly21.JPG[img]

Our IT found that The info@sitename.com account was being used to send out spam messages. He changed the password on info@sitename.com and removed all of the spam messages from the queue.

Now I read on Magic Spam under "Compromised Servers" that By using MagicSpam, ISP's can protect their servers from further compromises and block existing outgoing spam.

I've read that a program called spamdyke is a filter for monitoring and intercepting SMTP connections between a remote host and a qmail server. Spam is blocked while the remote server (spammer) is still connected; no additional processing or storage is needed.

My question is besides having the client create a stronger password is there a program that you sell for situation like this.

I just hope with that many email s being sent from our server that we are not blacklisted

Thanks,
Raymond

magicspam
Posts: 1553
Joined: Tue Oct 28, 2008 2:27 pm

Re: Compromised Server

Post by magicspam » Mon Jul 26, 2010 9:48 am

Depending on the size of your organization, you may want to look at another one of our products - MagicMail. It provides you with a full set of tools for managing your mail server and protecting your users, including rate-limiters to limit messages from a given host/user and content filtering. If you would like to know more, the website is http://magicmail.linuxmagic.com/

From how you're describing spamdyke, that's how MagicSpam functions as well. We tie into the SMTP process and check connections against the enabled lists and policies while the remote server is still connected. This way we can block a connection before it can send a message so your server saves resources and doesn't generate backscatter, which can potentially land you on someone's blocklist. MagicMail does the same, and more.
-- MagicSpam Support Team --

Post Reply

Return to “General Discussions and Support Questions”

Who is online

Users browsing this forum: No registered users and 19 guests