Server 2003 Enterprise SP1
Exchange 2003 SP2 running Trend Micro CSM Security for SMB
Clients on Outlook 2003 SP2
- All current on updates
The Trend CSM is a gateway product that manages SPAM, email viruses, attachments, etc. When something is received or sent that violates a set rule, the CSM quarantines the file and sends a message like so to the recipient...
From: Administrator [mailto:Administrator]
Sent: Tuesday, June 20, 2006 3:40 AM
To: Mike Jones
Subject: [MailServer Notification]Attachment Blocking Notification
The Listed.zip has been blocked,
and Quarantine entire message has been taken on 6/20/2006 3:39:37.
Subject:A list of product features
Within one day, there have been incidents where two users received a message similar to the above message from a valid email account in my ogranization. In checking the quarantine, the messages ARE valid, but THEY ARE OLD.
One external recipient received an email that was originally sent in 2003, and the other internal receipient received and email that was originally sent out 4 months ago. THe sender's don't show these messages in their sent items.
At this point I have verified the following:
-The sending account is valid
-The receiving account is valid
-The message is valid but old
-The sender does not show the recent email in Sent Items
-The recipient has the old/original email in archive so they did receive it before.
-Viral scans have not detected anything
-Spyware scans have been run and successfully cleaned anything visible to it.
It appears that either Exchange or the Trend product is screwey and resending old emails.
What I would like your help in is determing the root cause... is it Exchange or Trend? Any troubleshooting tips would be appreciated.