This year in particular, I've seen an increasing number of users' email account credentials become compromised, which has allowed spammers free rein to use their mail server to send spam out to the Internet. The usual result is an overflowing outbound mail queue, thousands of bounce messages coming in, and your server's IP address being blacklisted. The first thing to note is that if your company has an email server, you should assume that spammers will always be trying to hijack users' accounts by guessing their passwords. In this post I will run through a few simple proactive settings checks that can reduce the chances of this happening and - in the unfortunate event that it does happen - can limit the resulting negative effects.

One of the more common customer support calls I get relates to MDaemon suddenly sending vast amounts of spam email. This floods the outbound Internet connection and everything crawls to a halt. Secondary to this, the server's public IP address can get listed on various external SMTP blacklists, which the customer then has to request removal from.