Getting Spam After Upgrade of IMSS from 5.7 to 7.0
Posted on 2008-06-25
Last Friday, we upgraded IMSS from 5.7 to 7.0. Additionally, we use Postini for both in and outbound email spam protection, so all of our message headers inbound have a Postini "footprint" as it were.
However, after the upgrade to 7.0, we have been getting spam email messages that simply say:
Subject: Delivery Final Failure Notice
Body: Can not deliver the message you sent. Will not retry.
The header of the message has no Postini relays mentioned, and is in fact rather short, with a message id of <firstname.lastname@example.org> but the message itself came FROM our IMSS server to our back-end Exchange Server and the postmaster account is NOT the one specified in the IMSS notification settings either.
IMSS is configured to only allow relaying to our internal Exchange server and our Postini relays. What's different about this is that in 7.0, it lists 127.0.0.1 as a valid IP to allow relaying. Trend Micro says we cannot remove it (i tried, twice, it keeps coming back) -- they say it's the way the program operates, but I think it's a little weird that 127.0.0.1 just so happens to be in the message ID of these spam messages too....
Any advice would be appreciated -- am I barking up the wrong tree? Or is Trend really screwing me over in this new version?? Confused and frustrated with their technical support right now :(