Back to Community Threads
2
How does spammer use my domain name?
Question asked by michaeljmann - 11/7/2019 at 8:12 PM
Answered
How did this happen?  I changed the setting to not allow domain admin to add users.  Does this mean someone has infiltrated this smartermail installation? I have several other domains.  Did I miss open relay setting?

6 Replies

Reply to Thread
0
michaeljmann Replied
11/8/2019 at 10:21 AM
So I see this entity adding messages to the spool, so I deleted all my domains from SmarterMail.  Yet SM still recognizes activity, notable from an "Anonymous user".  So this begs the question, how was the "anonymous user" created?  Looking for feedback from SmarterTools advise on how this intrusion came about, and implement preventative measures.
0
Employee Replied
11/8/2019 at 5:32 PM
Employee Post
Hi Michael, 

The anonymous user would be anyone viewing the webmail login page that has not yet logged in. 

Thanks, 
0
michaeljmann Replied
11/8/2019 at 9:37 PM
thanks for that info Rose.  Still hoping someone can solve the other part of the puzzle
0
Employee Replied
11/12/2019 at 7:31 AM
Employee Post
Do you have Administrative logging enabled? If so, search the Administrative logs for the term added user, this should give some additional information regarding who created those users and when.
0
Kyle Kerst Replied
11/12/2019 at 4:54 PM
Employee Post Marked As Answer
I'm sorry to hear you're having these issues. I believe you can fix this with a couple of quick changes. Under Settings>Protocols>SMTP IN please ensure you have the following values setup: 



Once set, this will prevent external users from sending mail as users on your domains without authenticating beforehand. Once completed, you can use this KB article to clear out your spool of the malicious content: 
Kyle Kerst IT Coordinator SmarterTools Inc. www.smartertools.com
1
michaeljmann Replied
11/15/2019 at 4:06 PM
Thank you Kyle and other replies.  Look forward to testing this fix!  
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

554 Error - MTA Poor Reputation FixesSmarterMail > Troubleshooting
Move a Domain from one SmarterMail Server to AnotherSmarterMail > Installation and Configuration
Find a Compromised AccountSmarterMail > Troubleshooting
Set up Autodiscover for SmarterMailSmarterMail > Installation and Configuration
Recommended SPAM SettingsSmarterMail > Antispam and Antivirus