Exchange server hacked

Z

Zolly

Our Exchange server has been hacked by spammers.

I see unauthorized users When I enter the exchange server
manager/Administrative groups/First Administrative
groups/servers/server/protocols/smtp/default smtp virtual
server. I see 2 things
1) current sessions
2) queues

under the current sessions I see unauthorized users? how
the hell do they get in?

Upon further investigation, I noticed the DNS
administration console is gone. I suspect these are
related.

I have all security patches loaded, even the patch issued
last week. I suspect the intruders gained access before I
did so.

Any help would be appreciated.

(e-mail address removed)
(e-mail address removed)
 
L

Lanwench [MVP - Exchange]

First question: do you have a good firewall in place? Second question: if
so, what inbound ports are opened?
 
T

Tim

Don't include your email address when posting.
You are inviting spam and the latest hoaxes.
- Tim
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Exchange accounts with multiple email domains 2
Pop3 access to exchange server internally and externally 2
Interface to Exchange SMTP Server? 1
Microsoft Exchange Server Not wanted 1
Exchange 2007 Publuc Folders and ISA 2006 and Outlook anywhere 1
Query Exchange 2003 for valid SMTP Address 1
Exchange Server 2003 Crashes 1
Exchange Server 2003 Crashes 1

Top