Spamming involves leaving a traffic footprint indicating higher volumes of port tcp/25 (SMTP) traffic towards internet mail servers. A report from an external email administrator, or spam service makes a credible complaint regarding a specific host within the organization.

Hosts suspected of this activity are usually infected with malware, which tends to participate in a botnet. The malware can be difficult to identify or remove. Hosts suspected of this activity should be removed from the network and checked for signs of compromise.

Still need help?

Contact the UBIT Help Center.