Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


User being accused of spamming

Posted on 2007-11-28
Medium Priority
Last Modified: 2010-04-21
A user in my office opened and forwarded a chain email to one of her contacts.

A few days later a different contact asked her to stop sending the email to them on a daily basis. She had not included this contact on the forward.

I ran a virus scan on her computer and came up empty. I also had a local IT company look at the Exchange server to see if he could verify that the email was in fact originating from the server and again we learned nothing.

Over the course of a few days more and more people started emailing her asking her to stop sending the email. It appears that the email is sent on a fairly regular schedule as the timestamp on the email frequently is at 7:14 AM.

I'm at a loss for what to do next.
Question by:agventure
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2

Expert Comment

ID: 20367815
It is possible that the email is not really being sent by her - in other words her email address is being spoofed on spam messages from someone else.

Do you have a copy of an email that her contacts allege she sent to them?
And has she received any bounce messages saying that an email she sent could not be delivered recently?

If you have a copy of a spam email that she is supposed to have sent you can look at the email headers and identify where it came from - I can talk you through the headers if you do.

Author Comment

ID: 20367879
Unfortunately she had deleted the email before she had found out there was a problem. I had wanted to look at the headers as well.

She has yet to receive a bounce message. All of the recipients who have notified her are people she has emailed in the past.

I'm afraid you're probably right that her address is being spoofed. Do I have any option besides changing her email address if that is the case?

Accepted Solution

whatsoverthere earned 2000 total points
ID: 20368155
To tell where the email came from you want to look at the headers on emails that the other people received rather than her copy of the email. So you need them to forward the email that she supposedly sent to them to you.

It's not possible to completely prevent the spoofing. You could set SPF records for your domain (these records tell other people which mail servers are authorised to send emails from your domain) - but many mail servers don't check SPF records anyway.

Author Closing Comment

ID: 31411443
Thanks! I'll see what I can come up with from the header. If worse comes to worse I'll just change the user's email address so those people being spammed can just set it to their block lists.

Author Comment

ID: 20368775
Thanks! I'll see what I can come up with from the header. If worse comes to worse I'll just change the user's email address so those people being spammed can just set it to their block lists.

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question