My Win2K webserver has SP3 and all the pre-SP4 patches, but my Event viewer gets filled with the following events:
"Message delivery to the remote domain 'yahoo.co.kr' failed for the following reason: the remote server did not respond to a connection attempt."
The remote domain changes, sometimes appearing like a legitimate domain, but the messages are identical.
Furthermore, my inetpub/mailroot/queue and inetpub/mailroot/badmail folders get filled with junk emails from anonymous or bogus senders, so it looks like my SMTP is being used by an outside source to send spam.
I installed Symantec Antivirus Corporate Server Edition, but it found nothing on my server.
On the MS website, I found an old pre-SP3 article/patch (Q302755) that fixes a problem with SMTP authentication. I would think that because I have SP3 and all the pre-SP4 patches, this problem could not exist anymore, but when I checked the registry for the proof that this patch was installed, the registry key was missing. Hmmm. So I uninstalled all the hotfixes and SP3, then installed that Q302755 patch and verified in the registry that it installed OK, then I re-installed SP3 and all the pre-SP4 patches again and guess what?...the proof that Q302755 was installed is missing again from the registry. The spam is still coming, so now what can I do?
"Message delivery to the remote domain 'yahoo.co.kr' failed for the following reason: the remote server did not respond to a connection attempt."
The remote domain changes, sometimes appearing like a legitimate domain, but the messages are identical.
Furthermore, my inetpub/mailroot/queue and inetpub/mailroot/badmail folders get filled with junk emails from anonymous or bogus senders, so it looks like my SMTP is being used by an outside source to send spam.
I installed Symantec Antivirus Corporate Server Edition, but it found nothing on my server.
On the MS website, I found an old pre-SP3 article/patch (Q302755) that fixes a problem with SMTP authentication. I would think that because I have SP3 and all the pre-SP4 patches, this problem could not exist anymore, but when I checked the registry for the proof that this patch was installed, the registry key was missing. Hmmm. So I uninstalled all the hotfixes and SP3, then installed that Q302755 patch and verified in the registry that it installed OK, then I re-installed SP3 and all the pre-SP4 patches again and guess what?...the proof that Q302755 was installed is missing again from the registry. The spam is still coming, so now what can I do?
