TheCat41
asked on
Client receiving bulk email to his company email address. The emails say that they originated from some else in the company who does not exist.
I have a client who is receiving bulk email bounces "mailer-daemon" or "undeliverable" etc Today he received 4000+ His is the only one within the company that is receiving these emails. The emails state that they were sent from (for example) jeof@bg.com.au which does not exist or is no such employee. All the emails are going to different companies around the world and all come back to his email acount (for example) andrew@bg.com.au. Steps taken so far:
1. Aggressive virus scanning completed - no virues etc found
2. Aggressive spyware scan - none found
3. Reformated workstation - problem still there.
Any advise would be appreciated on what is happening and what can be done. Client is very unhappy and I need some answers to explain the issue in more detail so that they understand, and if the there is a possible solution. I have tried everything I know to resolve this issue, but I now need help. Client is now suggesting going to someone else for help if I can not resolve this.
Kind Regards
TheCat41
1. Aggressive virus scanning completed - no virues etc found
2. Aggressive spyware scan - none found
3. Reformated workstation - problem still there.
Any advise would be appreciated on what is happening and what can be done. Client is very unhappy and I need some answers to explain the issue in more detail so that they understand, and if the there is a possible solution. I have tried everything I know to resolve this issue, but I now need help. Client is now suggesting going to someone else for help if I can not resolve this.
Kind Regards
TheCat41
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Forced accept.
Computer101
EE Admin
Computer101
EE Admin
What you are looking for here is an attempt to use the machine to send mail, which is what the worry is about with all those strange replies. Just to be sure, and my guess is that there will be nothing to be found. If there was then someone is borrowing the HD to make a mailing list. Possible still, if no upgrades installed.
When rebuilding the machine, you have to use the install cd's, erase the partition, and before getting on the network get ZoneAlarm installed to block. All remote access should be denied. User should not login with admin authority over the file system. Then they can get back to their mail and web access.