We currently have a spammer on our server sending too many messages a day and we can't find him. We would like to turm the SMTP port off so that he cannot send any message either.

Where do I turn off or disable PORT 25 (SMTP) on a Windows 2000 server with IIS 4.0??

Any help is appreciated

Well Im not sure really how to tell you because I do not know windows, but, the general idea is to kill the mail prosses, find out the name of the smtp program, the stop it. If you have a firewall, then deny all traffic to that port. What you appear to have is open relaying. open relaying is very bad because anyone can come in and forge email. I suggest you contact the program makers and ask how to disable it. Also it could be that the person found a hole in the software and exploiting that.

If you log into the IIS MMC, do you see a "Default SMTP". If so, right click and stop.

You can stop it from automatically starting by going into the services and changing "SMTP" to manual.

Let us know if that does not help!

we have done the following three things already and our server is still "supposedly" sending SPAM to other users and as a result it has been turned off by our upstream provider www.skynetweb.com

1: Turned OFF the Default SMTP server from IIS 4.0. (just like Rackmy.com mentioned above)

2: Went into the Services screen and "disabled" Simple Mail Transport Protocol (SMTP) so that it is always OFF now.

3: Went into Imail 6.0 mail setup and turned SMTP OFF and also set "Mail relay for no one" to OFF.

Isn't this enough to stop a spammer from sending mail??

If you're talking about the frontserve.com server, it seems to still be responding to port 25.

BTW, as long as the spammer has got an account on your server he may not need to use your SMTP server. He can run his own script or program to send spam.

Get a firewall, then block the port.

To only enable certain ports on Windows 2000, use the following steps:

1.) Right click on the 'My Network Places' icon on the desktop and select 'Properties'. (This is the same as going to the control panel and double-clicking on the 'Network and dial-up connections' icon).

2.) Right click on one of the icons that represents a network connection and select 'Properties'.

3.) Select 'Internet Protocol (TCP/IP)' and click on the 'Properties' button.

4.) Click on the 'Advanced' button.

5.) Click on the 'Options' tab in the 'Advanced TCP/IP Settings' dialog window.

6.) Select TCP/IP filtering, and press the 'Properties' button.

7.) Check the 'Enable TCP/IP Filtering' checkbox -- this enables filtering on all network interfaces in the system. (Sorry -- this part is all or nothing, so sayeth Bill.)

8.) Select 'Permit only' for the TCP ports selection, and select the ports you'd like to allow. Omit port 25 from the list (SMTP).

9.) Press 'OK' on every window you just opened. You might need to reboot.


Or, if you had Linux -- it's a one-line ipchains/iptables command. :-) (Thank God for Linux).

Dan.

That does not work for out going traffic, only incoming. :(