Hello all I am having problems with a spam problem. I have reason to believe there may be a file generating Bad Mail on my system but can't find the source. I don't believe I'm being spammed from an outside source, because I disabled the network cards on the server and the C drive still started to fill up. Can anyone help me out. All help is greatly appreciated
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Hello all I am having problems with 1
- Thread starter razr
- Start date
- Thread starter
- #4
Well I'm not sure its not a virus but I have the latest definition file from Symantic and no virus alerts popped up on the server. But something has disbled my anti virus program in the last day or 2.On the C drive of my echange srver the is a folder called Badmail and there are 3 file extensions of .BAD,.BDR,.BDP and are 2 -7 Kb in size but they are constantly being generated and right now I have to go to the command prompt and navigate to that folder and erase these files or it will bury my drive.
you have a virus
go here, i use this for machines that don't have a virus scanner on board, or they have screwed up their machine:
go here, i use this for machines that don't have a virus scanner on board, or they have screwed up their machine:
Sounds like somebody dropped a spambot on your server.
Disable NDR's to the Internet to stop from filling up the badmail folder until you can find the source and remove it.
I'm Certifiable, not certified.
It just means my answers are from experience, not a book.
Disable NDR's to the Internet to stop from filling up the badmail folder until you can find the source and remove it.
I'm Certifiable, not certified.
It just means my answers are from experience, not a book.
- Thread starter
- #7
- Thread starter
- #9
-
1
- #10
Hi,
Open System Manager, Expand Global settings, Click on Internet Message Formats, Right click on "Default" in the right hand pane and choose properties, choose the "Advanced" tab, Make sure the option "Allow Non Delivery Reports" is unchecked.
Bad mail goes to the Bad Mail folder. What is bad mail? It usually relates to a message that was undeliverable and can't get a NDR back to the originating system. and has three parts to it: (0083.bad, 0083.bdr, and 0083.bdp (I left out a lot of the Hex for brevity)).
By turning off the Allow NDR, your system will only report internal NDR's to this folder. This will also reduce how fast that folder fills up. I would also assume you have relaying turned off and that you have checked for possible internal spammer(this is a stretch, but it has been known to happen).
Take what you need, disregard the rest, and hopefully I have helped you a little.
Wyz
Open System Manager, Expand Global settings, Click on Internet Message Formats, Right click on "Default" in the right hand pane and choose properties, choose the "Advanced" tab, Make sure the option "Allow Non Delivery Reports" is unchecked.
Bad mail goes to the Bad Mail folder. What is bad mail? It usually relates to a message that was undeliverable and can't get a NDR back to the originating system. and has three parts to it: (0083.bad, 0083.bdr, and 0083.bdp (I left out a lot of the Hex for brevity)).
By turning off the Allow NDR, your system will only report internal NDR's to this folder. This will also reduce how fast that folder fills up. I would also assume you have relaying turned off and that you have checked for possible internal spammer(this is a stretch, but it has been known to happen).
Take what you need, disregard the rest, and hopefully I have helped you a little.
Wyz
- Thread starter
- #12
Thank you for your help I just unchecked NDR and yes i have those 3 types of files mentioned and my relay is turned off. Is there a possibility of a spambot on my server and if so do you know what program can detect it and destroy it? Again thanks for your help.....!!!!!
Hi,
try this:
This site should give you some good information, but there are others out there.
Books I recommend: Mastering Microsoft Exchange Server by Barry Gerber, A Microsoft Press book: Exchange 2000 Server Administrator's Companion.
Wyz
try this:
This site should give you some good information, but there are others out there.
Books I recommend: Mastering Microsoft Exchange Server by Barry Gerber, A Microsoft Press book: Exchange 2000 Server Administrator's Companion.
Wyz
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Helpful tip
- Locked
- Question