Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 335
  • Last Modified:

Exchange sending strange email. Help!

I have a user who, according to Exchange 2003, is sending some erroneous email.

When I track these messages in Exchange, they appear to be sent to server-sa@domain.com.

The strange thing is that I don't have an account for server-sa. Plus, this user only uses OWA. When I check his email, there is no trace of emails being sent to server-sa.

What could this be and how can I resolve it?
0
lenivan
Asked:
lenivan
  • 2
1 Solution
 
DovinshkaCommented:
Are these emails being generated on a regular basis or are they random?

You may wish to run a sniffer such as Wireshark, http://www.wireshark.org/  to capture SMTP packets and filter the results.

It could be a rogue application, malware, etc.

Dov.
0
 
4eosCommented:
Possible backscatter.
0
 
lenivanAuthor Commented:
no other ideas?
0
 
DovinshkaCommented:
Have you tried to run a packet sniffer? This will tell you where traffic is being generated from. You can also filter the results to just show SMTP packets.

You may also wish to configure security auditing to see logon events at the time the email was sent.

Dov.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now