1
Combatting outgoing spam
Question asked by Neal Culiner - June 16, 2015 at 5:54 AM
Unanswered
Hello,
 
A user's computer has a virus/trojan and they are blasting out emails.  How can we handle this effectively as SM admin? I'm using SM 14 Enterprise Latest and it seems there are minimal controls for handling OUTGOING spam.  Content filtering appears to only be incoming.  All I can do is enable filters I suppose for outgoing blocks??
 
Thank you

4 Replies

Reply to Thread
1
Bruce Barnes Replied
June 16, 2015 at 6:40 AM
Immediately disable the user's account by setting him to DISABLE AND DON'T ALLOW MAIL.
 
Clean out all of the user's e-mail from your queue - you should be able to sort on the sender's e-mail address and delete them.

Change his password to a SECURE password.
 
Do not allow him to connect any clients until he agrees to use strong passwords and run an antivirus client on the devices.
Bruce Barnes
ChicagoNetTech Inc

Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
1
Neal Culiner Replied
June 16, 2015 at 1:18 PM
I checked to use message sniffer for outbound SMTP blocking and also checked the SMTP blocking option and set the Quarantine to 15 days.  It appears to be working well while we sort out the issue.  It does appear to be a hack vs. virus/trojan so the password reset is also a great suggestion.  Good advice Bruce - thank you.
0
Bruce Barnes Replied
June 16, 2015 at 1:36 PM
The outbound quarantine can be a life saver.  Glad you got a temporary solution working.
Bruce Barnes
ChicagoNetTech Inc

Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
0
Steve Reid Replied
June 17, 2015 at 6:56 AM
Adding Declude to Smartermail and using the hijack plugin is apparently a good solution to stop outbound spam as well.

Reply to Thread