troubleshooting Question

Under a Reverse NDR attack for the last 72 hours

Avatar of JesseLoesch
JesseLoeschFlag for United States of America asked on
ExchangeAntiSpamEmail Protocols
5 Comments1 Solution455 ViewsLast Modified:
Ok, for the last 72 hours one person in our organization has been receiving almost 200 NDRs an hour. it is only one SMTP address of only one User so I am guessing someone is sending spoofed spam and these are just the ndrs from those rcpt's. One solution is to just change his eMail address and all of this would of course stop but from a business standpoint these just does not seem like the best option.

 What else can I do here to stop this?

Running Exchange Server 2003 on Server 2003 Enterprise with TrendMicro Scanmail.

Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 5 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 5 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros