I have a customer running Exchange 2000 SP3 and all updates. They run client side Virus engines (on Workstations) and a virus scanner on the server but not with an Exchange plug in. We are getting hundreds of e-mails with Netsky virus or similar. The workstation anti-virus is picking these up. But, we are getting hundreds addressed to the correct domain but the wrong name. Exchange is bouncing these and sending them back to the spoofed user. They then contact us and say our IP is sending virus mail. How do I turn off all auto-replies and how do I auto dump these messages? They are ending up in badmail. There were 568 of them.
In a nutshell, you need something that can intercept these bad messages before they enter your Exchange organization. This is done by performing content filtering of messages prior to them entering an Exchange server store in your organization. The two most common ways to do this are:
- Use a firewall, like ISA Server, that can read the contents of an SMTP payload and block the packets of certain content (e.g., a NETSKY virus or an unwanted virus message generated as a result of your domain spoofing).
- Use third-party anti-virus/anti-spam software that scans the message either before it enters Exchange, or while it's in the Exchange transport stack (e.g., an SMTP event sink-based scanner).
Of course, there are also anti-virus and content filtering software packages that work at the Exchange store level. But ideally you'll want to filter this stuff well before it gets to an Exchange information store.
So for right now, you might consider throwing up an edge SMTP server or firewall server that can scan and clean these messages and then send the good/wanted messages on to Exchange. Or, you could upgrade your software and experience the benefits of running Exchange 2003 in tandem with Outlook 2003. If this sounds interesting to you, be sure to check out my upcoming SearchExchange.com webcast entitled, "Reducing unwanted e-mail with Exchange 2003 and Outlook 2003."
Dig Deeper on Exchange Server setup and troubleshooting
In the past, writing malware was about gaining respect in the hacker community. However, the latest generation of malware writers are no longer interested...
Related Q&A from SearchExchange Staff
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.