GFI Software Aurea SMB Solutions

Home » GFI User Forums » Kerio Connect » Spam Attack?
Spam Attack? [message #145851] Fri, 24 May 2019 20:25 Go to next message
dimmer is currently offline  dimmer
Messages: 1
Registered: May 2019
Hi, please help me.
Yesterday someone sent out of our server over 1000 spam.
In mail LOG is:
Queue-ID: 5ce6aa0d-000014fa, Service: SMTP, From: <****@b****.cz>, To: <c*****@c***.cz>, Size: 4365, Sender-Host:, User: ****<_at_>b**.cz, SSL: yes, Subject: Naléhavé

Sender-host ip is not our.

In security log is:

SMTP: Message from authenticated user: <b****@b****.cz> was rejected, because sender identity was detected as spoofed. (Source IP address:, From header: <estacionamiento<_at_>>, Sender header: <>)

Too many messages from last hour

SMTP connection from rejected: too many messages last hour

How is it possible that someone has joined the SMTP and send over 1000 email?
Please help me which settings check to prevent this?
Thank you.
Re: Spam Attack? [message #145873 is a reply to message #145851] Tue, 28 May 2019 15:11 Go to previous messageGo to next message
freakinvibe is currently offline  freakinvibe
Messages: 528
Registered: April 2004
The key sentence in your log is "Message from authenticated user".

So the Spammer figured out the password of one of your users and is using the account to send out Spam.

You should immediately change the password of that user.

Dexion AG - The BlackBerry UEM Specialists in Switzerland
Re: Spam Attack? [message #145874 is a reply to message #145851] Tue, 28 May 2019 15:18 Go to previous message
b-tom is currently offline  b-tom
Messages: 171
Registered: January 2006
Sounds like one of your mail accounts got compromised. You server ip address has been used for mail abuse.

You may change the user password and run a full antivirus check on all affected workstations.
Previous Topic: Two servers - same resources
Next Topic: Bitdefender anti spam issues
Goto Forum:

Current Time: Fri Nov 15 14:45:28 CET 2019

Total time taken to generate the page: 0.03658 seconds