Monday, June 2, 2014

Spam, spam, spam

No, not the Monty Python show tune, nor the gelled pig fat in a can.
Actual spam.
As I've mentioned before I am not a trained IT professional, but I play one in real life.

The bullet point version:
*  Early on a Tuesday morning I sent an email to be greeted momentarily with a Non-delivery report.
*  A quick check of email blacklists shows us on two blacklists for SPAM.
*  A glance at the outgoing email queue shows thousands of emails rejected by the recipients waiting for resend.
*  SHIT!
*  Suspend the outgoing queue items containing 1035 down to 10 email messages.*
*  Frantically search the email server to figure out what the eff is going on while researching online.
*  Event viewer shows a successful logon by the firm founder...hmmmm....who passed away over a year ago.
*  Disable founder's account and every other non-essential account...oops not that one.
*  Spammer is locked out but spam continues to inflow.
*  In the Exchange 2007 receive connectors I find an encrypted IP address.
*  Delete Encrypted IP address and spam stops like a switch is thrown.

Sounds like this took all of thirty minutes, no?  Try 4..long... days.
It took another week or so to get de-listed from the email blacklists.

The spammer has a bot sitting out there, or in here somewhere, that continues to randomly try log on IDs and Passwords.
My favorite ID attempt was "BATMAN"
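
An added example, not part of the original post: a small Python check for the two signs described above, a successful logon by an account that should be dormant and a single source guessing many different logon IDs. The log layout, the account names and the `DORMANT_ACCOUNTS` list are assumptions, and the sample lines are constructed.

```python
import csv
import io
from collections import defaultdict

# Constructed sample, not real data: timestamp, result, account, source IP.
SAMPLE_LOG = """\
2014-05-27T02:10:41,failure,admin,203.0.113.7
2014-05-27T02:10:43,failure,BATMAN,203.0.113.7
2014-05-27T02:10:46,failure,scanner,203.0.113.7
2014-05-27T02:10:52,success,founder,203.0.113.7
2014-05-27T08:02:10,failure,jsmith,192.0.2.15
2014-05-27T08:02:31,success,jsmith,192.0.2.15
"""

# Assumption: accounts of departed staff that should never authenticate again.
DORMANT_ACCOUNTS = {"founder"}


def parse_events(text):
    """Turn the simplified CSV export into a list of dicts."""
    fields = ["time", "result", "account", "source"]
    return list(csv.DictReader(io.StringIO(text), fieldnames=fields))


def dormant_logons(events, dormant):
    """Successful logons by accounts that should be unused."""
    names = {d.lower() for d in dormant}
    return [e for e in events
            if e["result"] == "success" and e["account"].lower() in names]


def guessing_sources(events, min_accounts=3):
    """Sources whose failed logons span many different account names."""
    tried = defaultdict(set)
    for e in events:
        if e["result"] == "failure":
            tried[e["source"]].add(e["account"].lower())
    return {src: sorted(names) for src, names in tried.items()
            if len(names) >= min_accounts}


if __name__ == "__main__":
    events = parse_events(SAMPLE_LOG)
    for e in dormant_logons(events, DORMANT_ACCOUNTS):
        print("dormant account logon:", e["time"], e["account"], e["source"])
    for src, names in guessing_sources(events).items():
        print("account guessing from", src, "->", ", ".join(names))
```

Run on a schedule against exported logon events, a hit from `dormant_logons` is the signal to disable the account and review what it touched.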

Meanwhile, my other full time projects (3) grind on.

* My best guess is that tens of thousands of spam email messages were relayed out before we got black listed.  If you received an email from promising to make your penis immensely large by only taking this one weird supplement, I humbly apologize.

