I am working in a Windows2003/Exchange2003 network environment and we are running mailsweeper 4.13. We also use a messagelabs service to scan all our incoming and outgoing mail. This is done externally at messagelabs.
The I.T. distribution group keeps recieving 2 emails of a spam nature every morning but I am not too sure where they are coming from and why.
The first to arrive is as below:
Your message has encountered delivery problems to the following recipient(s):
Sent: MAIL FROM:<firstname.lastname@example.org> SIZE=3142
Received:554 5.1.0 Sender Denied"
The postmaster account is an alias for the AD domain administrator account.
This is strange to me as it says that the email is from the email@example.com to the firstname.lastname@example.org. Although the message contents states that the message was sent from email@example.com.
There are two attachments to this notification. The first is a .dat file and the other is a text file which states:
"Reporting-MTA: dns; mailsweeper1.company.co.uk
Received-From-MTA: dns; mail59.messagelabs.com (unverified [22.214.171.124])
Arrival-Date: Sun, 12 Feb 2006 10:55:13 +0000"
What is this message trying to tell me?
The second message to appear arrives at the exact same time and reads:
"From: System Administrator
To:firstname.lastname@example.org (this is my email address. All members of the it tech group recieve this email addressed to their specific mailbox)
Your message did not reach some or all of the intended recipients.
Subject:Perfect identity design. This is why people come to Logoway.
The following recipient(s) could not be reached:
IT Tech Support on 12/02/2006 10:55
The e-mail address could not be found. Perhaps the recipient moved to a different e-mail organization, or there was a mistake in the address. Check the address and try again.
< mailsweeper1.company.co.uk #5.1.0 smtp; 554 5.1.0 Sender Denied>"
I have looked for the System Administrator account to run a message track but I cannot find it anywhere.
These emails appear nearly every day and we are having problems stopping them.
Please can an expert help me resolve this issue or at least clarify what is happening here.