My network admin informed me that we are running exchange 2000 and if he can see that someone is acccessing our server for extended periods of time. Further, we are getting a lot of NDRs for emails that were never sent by anyone in this organization. There are no open relays and it appears that the "send to a friend" function we have on a web page is where these are coming from. That web page uses cdonts.newmail to forward the articles to a friend. Is their a way to prevent this if it is the web page that has the vulnerability?