Link to home
Start Free TrialLog in
Avatar of JasonDecker
JasonDeckerFlag for United States of America

asked on

Incorrect user receiving mail

Our company has recenty been the victim of massive SPAM attacks.  We have implemented GFI's SPAM filters and it it working fairly well howerver some users are receiving messages that according to the header of the message are addressed to someone else in the company.  For example a legitimate user (user1@ourdomain.com) receives a messages which according to the header is address to legitimate user user2@ourdomain.com.  How can exchange deliver a message to the wrong user?  It is possible to hide something in the header which I cannot see in Outlook?  We are not experiencing any other issues with Exchange.  Any ideas???

Platform:
Exchange 2003 Std.
Windows 2003 Std.
Avatar of flyguybob
flyguybob
Flag of United States of America image
The BCC field can be used extensively.  I can send a message to john@company.com, BCC it to jane@othercompany.com and jane can recieve it, looking like it was originally intended for john@company.com.  I can also do this to send messages to a group of folks.

http://www.ietf.org/rfc/rfc2821.txt  SMTP RFC - See section 7.2 regarding Blind Copies.
Avatar of JasonDecker
JasonDecker
Flag of United States of America image

ASKER

Didn't think about that, I never really paid attention to a header in a BCC.  So, it appears the spammers are sending a single email to our domain to an invalid user and BCC'ing many more.  Nice trick.  Any ideas on how to stop this?  I have in place GFI MailEssentials SPAM filter and it is catching thousands of these messages but hundreds are still getting through.  What can we do?

BTW, I will accept your previous answer, and if you are able to continue this thread and help me get further I will also up the points since this is really a new question.  If you don't have any additional info just comment and I will accept and close.  Thanks...

ASKER CERTIFIED SOLUTION
Avatar of flyguybob
flyguybob
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of JasonDecker
JasonDecker
Flag of United States of America image

ASKER

Thanks for you help.  I have tried to avoid some of the BL stuff 'cuz it can be a bit of an admin headache.  I guess I will have to go there :-(  Thanks again...
Avatar of flyguybob
flyguybob
Flag of United States of America image
Yes, the BL stuff can be a bit of a headache...
Avatar of flyguybob
flyguybob
Flag of United States of America image
...but so can Spam.

You may want to talk to them regarding the URL BL stuff.