Solved

Spam to webmaster address lands in users mailbox

Posted on 2008-10-02
12
495 Views
Last Modified: 2010-04-21
We have a user that is receiving spam that is meant for webmaster@ourdomain.com
The webmaster email address does not exist in our exchange organisation or if it does I can't find it.
IMF is enabled but no luck in stopping it!
How is this spam making all the way to a users mailbox.
Attached Internet Headers from Outlook 2007.
p.s. removed ip address and dns names of our ISP

-----------------------------------------
Microsoft Mail Internet Headers Version 2.0
Received: from ourisp ([ip_address]) by ourexchange server with Microsoft
 SMTPSVC(6.0.3790.3959); Thu, 2 Oct 2008 17:07:05 +0200
Content-Transfer-Encoding: 7bit
Importance: normal
Priority: normal
Received: from ourisp ([ipaddress]) by ourisp with Microsoft SMTPSVC(6.0.3790.3959); Thu, 2 Oct 2008 17:06:58 +0200
Received: from 27.Red-80-32-151.staticIP.rima-tde.net ([80.32.151.27]) by ourisp
 with Microsoft SMTPSVC(6.0.3790.1830); Thu, 2 Oct 2008 17:08:32 +0200
From: "Saeng" <Saeng-kremruek@BANKTRUSTBREWTON.COM>
To: <webmaster@ourdomain.com>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4073
Content-Class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative;boundary="----=_NextPart_000_000E_01C924B1.4DA1CAF0"
Subject: We are sure that lengthening will help you boost your intimate life!
Date: Thu, 2 Oct 2008 17:07:08 +0200
Message-ID: <000d01c924a0$8a18faf0$1b972050@claudia>
X-MS-TNEF-Correlator:
Thread-Topic: We are sure that lengthening will help you boost your intimate life!
thread-index: AckksU2hOsoP3cUaSamsMQW56QlpLg==
Return-Path: <Saeng-kremruek@BANKTRUSTBREWTON.COM>
X-OriginalArrivalTime: 02 Oct 2008 15:08:32.0734 (UTC) FILETIME=[BC2F17E0:01C924A0]

------=_NextPart_000_000E_01C924B1.4DA1CAF0
Content-Type: text/plain;charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
X-EC0D2A8E-5CB7-4969-9C36-46D859D137BE-PartID: C4EA93A3-6506-4D9E-9811-52EDB5923234

------=_NextPart_000_000E_01C924B1.4DA1CAF0
Content-Type: text/html;charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
X-EC0D2A8E-5CB7-4969-9C36-46D859D137BE-PartID: D01DAAC3-57A3-4142-9030-343A28A8A373


------=_NextPart_000_000E_01C924B1.4DA1CAF0--
0
Comment
Question by:SACUADMIN
  • 6
  • 4
  • 2
12 Comments
 
LVL 3

Expert Comment

by:gke565
ID: 22626203
Is it possible the user has a secondary SMTP address listed in their profile from long ago?  Is email from another account being forwared to this user?
0
 

Author Comment

by:SACUADMIN
ID: 22626300
I have checked the profile and I can find no reference to the "webmail" address. No email from another account is being forwarded to the user. I am truly stumped.
0
 
LVL 16

Expert Comment

by:robrandon
ID: 22626412
If you address an email internally to the webmaster@ourdomain.com address, does it go to that user?

Does that address resolve when you enter it in Outlook?  What happens when you click the properties of that address?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:SACUADMIN
ID: 22626524
If I address it internally I get...
"The e-mail account does not exist at the organization this message was sent to.  Check the e-mail address, or contact the recipient directly to find out the correct address".

Properties for the address just brings up the "Email Properties" dialog.

However if I send to it from an external address, it lands straight in the user's mailbox

0
 
LVL 3

Expert Comment

by:gke565
ID: 22626568
Are you hosting your own domain on exchange for the email - or are you POP'g an outside server?
0
 

Author Comment

by:SACUADMIN
ID: 22626596
We are not hosting our own domain on exchange.
Mail is routed via an ISP to our exchange environment.
0
 
LVL 3

Accepted Solution

by:
gke565 earned 250 total points
ID: 22626643
I would bet then that the ISP has a forwarded to the user, probably because that was the user that set up the account and the ISP required a webmaster address.  Best to set up a webmaster account internally and have the ISP change the pointer.
0
 

Author Comment

by:SACUADMIN
ID: 22626701
Thanks I will get in touch with the ISP and find out.

For my education, Are you saying the ISP could create any email address and forward it to a user in our domain and we could do nothing to stop it?

Doesn't sound right? :-(

0
 
LVL 16

Expert Comment

by:robrandon
ID: 22626720
If they are hosting your Exchange they would be able to.
0
 
LVL 3

Expert Comment

by:gke565
ID: 22626725
Some ISPs will require a webmaster or postmaster account as part of their agreement, mostly to deflect questions about your company to you.  You might want to do a whois on your domain and see what the contacts are for it.
0
 

Author Comment

by:SACUADMIN
ID: 22626833
Thats my worry. They are not hosting our exchange. All the mailboxes and accounts are internal. They are just forwarding mail meant for our domain to our exchange server via a front-end Exchange Server.

0
 

Author Closing Comment

by:SACUADMIN
ID: 31502440
Thanks it was forwarded by the ISP.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this step by step procedure, you will come to know the details of creating an Outlook meeting in 2007, 2010, 2013 & 2016.
When you have clients or friends from around the world, it becomes a challenge to arrange a meeting or effectively manage your time. This is where Outlook's capability to show 2 time zones in one calendar comes in handy.
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

680 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question