Solved

Keep getting same spam and then Undeliverable message to some other user for that same email

Posted on 2007-11-14
8
255 Views
Last Modified: 2013-11-30
I keep getting the same email over and over-- twice a day. The email also has the sender as being from myself to myself.


The user name changes but everything else is the same. The tile of the email is November 75% Off
"Dear Vito Gordon,
Thank you for scheduling your recent credit card payment online. Your payment will post to your account on 12/09/2007.
Now that you're making your payment online, are you aware of all the convenient ways you can manage your account online?
Just log in to www.yxiv.com today. Using the "I'd like to..." links for your credit card account, you can access more than a dozen features, including links to: "

About a minute after I get this email  I get the email below:

Your message did not reach some or all of the intended recipients.

      Subject:      November 75% OFF
      Sent:      11/14/2007 7:45 PM

The following recipient(s) cannot be reached:

      kristina@bongraemusic.com on 11/14/2007 7:45 PM
            The e-mail account does not exist at the organization this message was sent to.  Check the e-mail address, or contact the recipient directly to find out the correct address.
            < nospam.ymail.net #5.1.1 SMTP; 550 5.1.1 <kristina@bongraemusic.com>... User unknown>


I know I didnt send this email, and it isnt in my sent folder. I went to MXtoolbox.com to verify if my server is an open relay and it said i wasnt. I did go to one other site (cant recall) that mentioned it was an open relay. We had an open relay two years ago but we ended up fixing it and got off all the blacklists.

Any help with this annoying problem would be appreciated.
0
Comment
Question by:stevensims
  • 4
  • 3
8 Comments
 
LVL 12

Expert Comment

by:bhnmi
ID: 20283147
DOes anyone else in the organization get these?
0
 
LVL 12

Accepted Solution

by:
NetAdmin2436 earned 125 total points
ID: 20283194
There's not much you can really do about it. What you are refering to is called 'backscatter'. Basically a spammer sends out spam to bogus@companyA.com with a spoofed address pointing back to you. The email server at companyA sends out a NDR to you. (if the admin was good, he would disable NDR)
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_22116577.html?sfQueryTermInfo=1+backscatt+ndr
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_22520233.html?sfQueryTermInfo=1+backscatt

You can be a good neighbor and prevent YOUR server from doing this to others, but not vice versa.

Hope this helps
0
 
LVL 1

Author Comment

by:stevensims
ID: 20284270
Okay..I know how to disable NDR but would this have an effect on anything else?

Emails coming in to our server can have an invalid user name but will not get kicked back to the original sender. All of those emails get sent to our catchall box. So in a sense we arent sending out NDR's..right?
0
 
LVL 12

Expert Comment

by:NetAdmin2436
ID: 20284378
It's a bad idea to disable NDR's on your server all together. You will likely get blacklisted.

Correct, your server should not be sending NDR's if a  bogus@yourcompany.com email comes in if you have a catchall box.

What kinda of antivirus/antispam program do you use? Many of these have a 'directory harvesting' feature like a catchall box that will just delete the email and not send out a NDR.
0
Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

 
LVL 1

Author Comment

by:stevensims
ID: 20284551
We are using GFI Mail Essentials for our Spam blocker.
0
 
LVL 12

Expert Comment

by:NetAdmin2436
ID: 20284590
OK, that's what i use too.

In your mailessentials configuration --> anti-spam --> Directory Harvesting --> properties. On the 'general' tab, it should be enabled. Then on the 'other' tab you should have 'generate Non Delivery Repots (NDR) unchecked.

You should be all set to go.
0
 
LVL 1

Author Comment

by:stevensims
ID: 20284994
I checked and everything was configured as you instructed.

My last question.

Company A is getting email with a spoofed address pointing back to my company. Couldnt that companyt possibly get us blacklisted even though the email never came from us? I would assume that the senders name isnt looked at for blacklists but the IP address is?
0
 
LVL 12

Expert Comment

by:NetAdmin2436
ID: 20289318
Yes, I think you are exactly right. The company sending fake emails are most certain on blacklists, that is if they aren't spoofing their IP as well.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now