Outbound queue is full with SPAM emails. Internal users' email boxes have been intruded and used as SPAM senders.

Article:TECH165401  |  Created: 2011-07-25  |  Updated: 2011-10-06  |  Article URL http://www.symantec.com/docs/TECH165401
Article Type
Technical Solution


Issue



Outbound queue is full with SPAM emails. Internal users' email boxes have been intruded and used as SPAM senders.


Cause



Mail server keeps POP3 and SMTP ports - TCP 110 and 25 open on Internet.

Hackers cracked the passwords of some users and used them as SPAM senders to spread SPAM emails.


Solution



1. Block the POP3 and SMTP ports - TCP 110 and 25 of mail server with a gateway firell or router from Internet.

2. Or change the 2 ports to POP/S and SMTP/S encrypted ones. Implement hardware token on mail server for the authentication of the email users.

3. Change the passwords of the cracked email boxes and require a stronger password policy.

 




Article URL http://www.symantec.com/docs/TECH165401


Terms of use for this information are found in Legal Notices