Strange Emails Reaching Account On MS Exchange 2003
Hi All
I have some strange email reaching one of our email accounts on MS Exchange 2003
Ex:
Your message did not reach some or all of the intended recipients.
Subject: college-educated turn signal
Sent: 9/9/2007 6:33 PM
The following recipient(s) could not be reached:
ahaberstolz@dauria.demon.c
Could not deliver the message in the time limit specified. Please retry or contact your administrator.
< punt-3.mail.demon.net #5.4.7>
Now the thing is that I am 100% positive that our server is not open to relay..I did some tracking and concluded that the email above reached expertus@ourdomain.com however we do not have an account named expertus@ourdomain.com after that it was sent to the inbox of manager@ourdomain.com.
The email looks like a bounced email however we do not have any account named expertus@ourdomain.com that could have sent this email. I checked in the message tracking and that user "even if it does not exist" did never send an email. So is this just some sort of spam ??
The second thing I could not understand if this email reached expertus@ourdomian.com why did was it stored in the mailbox of manager@ourdomian.com
Thx for any help
I have some strange email reaching one of our email accounts on MS Exchange 2003
Ex:
Your message did not reach some or all of the intended recipients.
Subject: college-educated turn signal
Sent: 9/9/2007 6:33 PM
The following recipient(s) could not be reached:
ahaberstolz@dauria.demon.c
Could not deliver the message in the time limit specified. Please retry or contact your administrator.
< punt-3.mail.demon.net #5.4.7>
Now the thing is that I am 100% positive that our server is not open to relay..I did some tracking and concluded that the email above reached expertus@ourdomain.com however we do not have an account named expertus@ourdomain.com after that it was sent to the inbox of manager@ourdomain.com.
The email looks like a bounced email however we do not have any account named expertus@ourdomain.com that could have sent this email. I checked in the message tracking and that user "even if it does not exist" did never send an email. So is this just some sort of spam ??
The second thing I could not understand if this email reached expertus@ourdomian.com why did was it stored in the mailbox of manager@ourdomian.com
Thx for any help
ASKER
Well you are right about me having the catchall script however it is forwarding unresolved mail to info@ourdomain.com not manager@ourdomain.com
Const strDestinationEmail = "smtp:info@ourdomain.com;"
Const strDestinationEmail = "smtp:info@ourdomain.com;"
ASKER
As a note I do not have the script referenced in your link as that is the MS version. I do have another one called Exchange 2000/2003 Catchall Mailbox Script package
The one on the MS site does catch all for a whole domain for deliverable and undeliverable emails. The one I have only does that for undeliverable emails
The one on the MS site does catch all for a whole domain for deliverable and undeliverable emails. The one I have only does that for undeliverable emails
Does this mean that mail is getting from info@ourdomain -> manager@ourdomain in some kind of unexplained way, or is the mystery solved? (i.e. manager@ourdomain should be receiving that mail, because there is an alias)
ASKER
well..it is unexplained mainly the two things below
1- Emails are sent to Expertus@mydomain.com and reach the inbox of manager@mydomain.com..I cant find an inbox called expertus neither can I find an alias called expertus "I did not setup this this server". Is there a way to search through the Exchange server and check for contacts and aliases ?
2- The emails look like bounces, I am 100% positive that I do not have relay enabled I triple checked. So does that mean that this is some kind of nasty spam ?
1- Emails are sent to Expertus@mydomain.com and reach the inbox of manager@mydomain.com..I cant find an inbox called expertus neither can I find an alias called expertus "I did not setup this this server". Is there a way to search through the Exchange server and check for contacts and aliases ?
2- The emails look like bounces, I am 100% positive that I do not have relay enabled I triple checked. So does that mean that this is some kind of nasty spam ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
My initial thought is that you've got some kind of catchall SMTP_event that forwards unresolved mail to manager@ourdomain.com.
Assuming (always a bad idea) that this is using the standard MS catchall script (unsupported, but widespread) it'll be called catchall.vbs (you'll need to search your exchange server for this).
This document has basic details about it: http://support.microsoft.com/kb/324021