I think this question really needs some serious expertise. Here’s the configuration:
Setting: Public School up North.
Os: Win Server 2003
School distict Application : MS- Exchange
A few employees are receiving targeted e-mails. These e-mails are not like the regular spam (even though they may fall into this category) since they address very specific information about the employees’ private life and other personal information. The “spammer” is knowledgeable enough to impersonate the user’s own email address. In clear the spammer uses the employee’s own email address ie: firstname.lastname@example.org
to send nasty e-mails to other employees.
Assuming that this spammer is an actual employee of the district, is there any way that he or she can be traced back. The big problem is the fact that the spammer is most likely hiding behind the district’s firewall. What could be the most efficient way to track these e-mails back to the originator? Some applications like “ Visual IP Trace” were used but stopped at the firewall.
Any hints would be greatly appreciated.