I've a question about these spoof \ fake emails spammers are sending to our organisation.
We are using Exchange 2003 with no open relays. However in my junk mailbox sometimes an email appears to be sent from me to another someone else internal (Although our company disclaimer isn't attached) And sometimes users will get an odd bit of junk mail sent from another user to them.
How do they do this ? Do they just put in any "from" address and any "to" address using some sort of client and then just relay through servers they can authenticate with ?
Is there anything I need to check ?