I had a few different users this morning recieve the same exact NDR from the System administrator regarding a spoofed email that was never sent out. The NDR came from System Admin of a completely seperate domain and Exchange Server that we have. No user ever generated the original message and it seems to be spam related. The intented recipients do not even exist at our organization.
We have corporate antivirus running with up to date definitions. Here is the error - (Name and domain have been replaced for security reasons):
Your message did not reach some or all of the intended recipients.
Subject: RE: -------------------------
Sent: 11/5/2008 8:47 AM
The following recipient(s) cannot be reached:
firstname.lastname@example.org on 11/5/2008 8:47 AM
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address.