JasonDecker
asked on
Incorrect user receiving mail
Our company has recenty been the victim of massive SPAM attacks. We have implemented GFI's SPAM filters and it it working fairly well howerver some users are receiving messages that according to the header of the message are addressed to someone else in the company. For example a legitimate user (user1@ourdomain.com) receives a messages which according to the header is address to legitimate user user2@ourdomain.com. How can exchange deliver a message to the wrong user? It is possible to hide something in the header which I cannot see in Outlook? We are not experiencing any other issues with Exchange. Any ideas???
Platform:
Exchange 2003 Std.
Windows 2003 Std.
Platform:
Exchange 2003 Std.
Windows 2003 Std.
ASKER
Didn't think about that, I never really paid attention to a header in a BCC. So, it appears the spammers are sending a single email to our domain to an invalid user and BCC'ing many more. Nice trick. Any ideas on how to stop this? I have in place GFI MailEssentials SPAM filter and it is catching thousands of these messages but hundreds are still getting through. What can we do?
BTW, I will accept your previous answer, and if you are able to continue this thread and help me get further I will also up the points since this is really a new question. If you don't have any additional info just comment and I will accept and close. Thanks...
BTW, I will accept your previous answer, and if you are able to continue this thread and help me get further I will also up the points since this is really a new question. If you don't have any additional info just comment and I will accept and close. Thanks...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for you help. I have tried to avoid some of the BL stuff 'cuz it can be a bit of an admin headache. I guess I will have to go there :-( Thanks again...
Yes, the BL stuff can be a bit of a headache...
...but so can Spam.
You may want to talk to them regarding the URL BL stuff.
You may want to talk to them regarding the URL BL stuff.
http://www.ietf.org/rfc/rfc2821.txt SMTP RFC - See section 7.2 regarding Blind Copies.