I am running Exchange Server 2000.
I received an email from a co-worker via SMTP, with a virus infected attachment. My anti-virus removed the virus.
The problem is, my co-worker never sent the email to me. It does not even exist in her sent items folder.
I checked the header information ... the From and Return-Path (has her correct email address) ... However, the IP address (is not our static IP address), it is from a site located in Amsterdam ...
Is their a way to detect this kind of fraud?