An interesting quandary. I noticed a large number of failed DNS lookups from my MS W2K Exchange server to my MS W2K DNS sever looking for firstname.lastname@example.org.
My admin notes that there was a bogus piece of SPAM that generated a nice little piece of malware claiming to be from bbb.org.
The domain is on SAV 10 and scans are run against all servers and clients. AV did find three copies of DOWNLOADER Trojan in a users MBX, but it was deleted at the time of detection. Subsequent scans using both SAV tools and MS Malicious SW removal have turned up a clean machine. Inspection of the registry show the same - a clean box. Network scans still show a fair number of inquiries.
Any ideas on how to determine what program is making the inquiry? I know where the problem is, but still trying to answer what is causing the issue?