Home > IT Answers > Exchange > What is a Reason for Outgoing TCP Connections to Port 25 (SMTP) From Random TCP Ports on a PC with no Email Client Running?
RockAmadeus
5 pts.
 What is a Reason for Outgoing TCP Connections to Port 25 (SMTP) From Random TCP Ports on a PC with no Email Client Running?
SMTP, SMTP Errors, TCP
What is a Reson for Outgoing Tcp Connections to Port 25 (SMTP) From Random Tcp Ports on a Pc with no Emamil Client Running? The IP addresses that it was trying to reach resolved to yahoo and aol webmail mx servers. I am trying to track down a spam virus in a network, is this sysmptoms of the virus.

Software/Hardware used:
ASKED: June 20, 2010  8:48 PM
UPDATED: June 22, 2010  12:24 AM
RELATED QUESTIONS
Answer Wiki:
It certainly could be. VIruses can replicate using email from an infected client.
Last Wiki Answer Submitted:  June 21, 2010  12:33 pm  by  Matt Mather   3,610 pts.
All Answer Wiki Contributors:  Matt Mather   3,610 pts.
To see all answers submitted to the Answer Wiki: View Answer History.


RSS - Discussions Help
Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

 

It could also be other type of malware, such as a key logger or other type of spyware. These programs use to have smtp functionality to send data they gather from the victim.

carlosdl
 63,535 pts.
 

It’s something sending out email that shouldn’t be.

One way to stop this is to block all computers from connecting from inside your network to outside your network on port 25, except for the machines which should be (your Exchange mail gateway for example).

Denny Cherry
 64,520 pts.